Security Basics mailing list archives

Re: HIDS

From: Daniel Cid <danielcid () yahoo com br>
Date: Mon, 7 Nov 2005 13:22:39 -0300 (ART)

Hello Leon,

I would suggest for you to take a look at the
OSSEC HIDS ( www.ossec.net/hids ).
It has one of the most complete HIDS solutions
that you can find out there.
It does:

-Integrity Checking 
-Rootkit detection
-Log analysis

It can easily be deployed on scalable fashion,
having the "agents" forwarding events to a
central server (with encryption) or locally
installed on a single box. It has e-mail alerts
and some other good stuff.

A new version is comming soon with the option
of a scalable active response (can be executed 
locally on the server or on the server that
generated the event)..

Hope it helps you.

--
Daniel B. Cid, CISSP
daniel.cid @ ( at ) gmail.com

--- Leon <roastin () yahoo com> escreveu:

Hello,

I currently use SANA for server HIDS.  We are
considering looking into Entercypt.  Can the group
suggest any other products i should be looking into?

Are there server based HIDS that are comparable to
Entercypt?

Thanks


      
              
__________________________________ 
Yahoo! Mail - PC Magazine Editors' Choice 2005 
http://mail.yahoo.com




        



        
                
_______________________________________________________ 
Yahoo! Acesso Grátis: Internet rápida e grátis. 
Instale o discador agora!
http://br.acesso.yahoo.com/

Current thread:

HIDS Leon (Nov 04)
- Re: HIDS Fósforo (Nov 07)
- Re: HIDS Daniel Cid (Nov 07)