Firewall Wizards mailing list archives
Re: Second-Line defense on Windows NT
From: "Joseph S. D. Yao" <jsdy () cospo osis gov>
Date: Fri, 21 Nov 1997 13:24:25 -0500 (EST)
One possibility I see, is to implement on possible vulnerable hosts (including the firewall) a small tool that permanently checks the integrity of that host and the access to system resources. This tool should be able to send some kind of real-time alert to administrators/operators when something non-predifined happens on the host and perhaps it should be able to take countermeasures like disabling the external network connection. I'm pretty confident that this kind of tool exists on UNIX platforms, although I can not remember some names I've heard, but at present I'm looking for such a tool for a Windows NT host (commercial or shareware). Can someone help me?
You are probably thinking of tripwire, run from 'cron'. But I don't know whether it (or anything else) does the same thing on MSW-NT. -- Joe Yao jsdy () cospo osis gov - Joseph S. D. Yao COSPO Computer Support EMT-A/B ----------------------------------------------------------------------- PLEASE ... send or Cc: all "COSPO Computer Support" mail to sys-adm () cospo osis gov ----------------------------------------------------------------------- This message is not an official statement of COSPO policies.
Current thread:
- Second-Line defense on Windows NT Toon_Mordijck (Nov 21)
- Re: Second-Line defense on Windows NT Joseph S. D. Yao (Nov 21)
- <Possible follow-ups>
- Re: Second-Line defense on Windows NT Pauline van Winsen - Uniq Professional Services (Nov 22)