Security Basics mailing list archives
RE: free hIDS, or system assessment tools
From: "Malik Khan" <akhan () manpowernc com>
Date: Mon, 27 Sep 2004 07:33:46 -0400
Try Microsoft Baseline Security Analyzer V1.2.1
http://www.microsoft.com/technet/security/tools/mbsahome.mspx

-----Original Message-----
From: H Carvey [mailto:keydet89 () yahoo com]
Sent: Wednesday, September 22, 2004 1:46 PM
To: security-basics () securityfocus com
Subject: Re: free hIDS, or system assessment tools

In-Reply-To: <65C9FE56B1EB304EA8BC65A50F218C272D53CF () HOMAIL01 alrajhi bank>

> Is there any free System Assessment tools for windows and *nix
> Is there any free System or host IDS for windows and *nix

There are a couple of (free) ways to go about this, particularly on Windows systems...

For system assessment, I'd recommend:

nmap - http://www.insecure.org
ATK - http://www.computec.ch/projekte/atk/

If you know what you're assessing against, Perl can be used to implement WMI as well as make other calls to the system in order to obtain the necessary information for your assessment...and even update the system to bring it in compliance.

Perl can also be used to implement free monitoring/hIDS. For example, if you set your audit policy appropriately, use something like wmievt.pl (http://patriot.net/~carvdawg/perl.html) to send Event Log entries off of the system as they are generated. From the same site, you can use FSW.pl to watch for file system changes.

HTH,

H. Carvey
http://www.windows-ir.com
http://groups.yahoo.com/group/windowsir/
Current thread:
- free hIDS, or system assessment tools Fahad Al-Suwais (Sep 22)
- Re: free hIDS, or system assessment tools Ty Bodell (Sep 24)
- Re: free hIDS, or system assessment tools Jonathan Loh (Sep 24)
- Re: free hIDS, or system assessment tools Steve (Sep 28)
- <Possible follow-ups>
- RE: free hIDS, or system assessment tools ka55ad (Sep 23)
- RE: free hIDS, or system assessment tools Fahad Al-Suwais (Sep 24)
- Re: free hIDS, or system assessment tools H Carvey (Sep 24)
- RE: free hIDS, or system assessment tools Malik Khan (Sep 28)