Security Basics mailing list archives

Re: Host Based Intrusion Detection System Recommendations

From: krymson () gmail com
Date: Wed, 20 Apr 2011 14:29:22 -0600

From your description, my first reaction is to point you away from host-based IDS and over instead fo Data Loss 
Prevention (DLP) tools on the endpoint.

Either way, there aren't any options, in my opinion, that are truly inexpensive. For some, the up-front capital expense
is the only thing that matters, so go open source like OSSEC (or OpenDLP). But others like to take into consideration
the time spent supporting and caring for the tools or ease of knowledge-transfer, in which case you're going to spend
more time poking at "free" things and less time with polished enterprise solutions (Symantec, McAfee, etc.).

<- snip ->
Hello Group,

I was hoping that I can get some help with making a recommendation to the agency I currently work for in regards to a
Host Based Intrusion Detection System. I was asked to make some recommendations, but it must be inexpensive. The HIDS
would be mainly used to set off alerts on unauthorized access to certain resources on sensitive information stored on a
Windows 2008 Enterprise Server edition. It will also be used to monitor access to the resources as well.

Does anybody know of any economical ones? I would also like to know what is being used out their even if they are in
the high end pricing just to provide options.

Thank you in advance?

Fili Moreno

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Host Based Intrusion Detection System Recommendations Fmoreno (Apr 20)
- Re: Host Based Intrusion Detection System Recommendations Hanif Abdul Ghani (Apr 25)
- Re: Host Based Intrusion Detection System Recommendations Todd Haverkos (Apr 25)
  - Re: Host Based Intrusion Detection System Recommendations Claudiu Hulea (Apr 25)
- <Possible follow-ups>
- Re: Host Based Intrusion Detection System Recommendations krymson (Apr 25)