RE: host-based ips ?

["Security News" <security () riggstar com>]

HIDS (Host-based IDS) primarily focuses on attacks internally by monitoring
OS logs for local attacks such as file integrity, unsuccessful logon
attempts, policy changes, illegal services turned on/off on servers, etc.

-----Original Message-----
From: Shimono, Toshio (ISS Tokyo) [mailto:tshimono () isskk co jp]
Sent: Thursday, April 17, 2003 9:21 PM
To: focus-ids () securityfocus com
Subject: RE: host-based ips ?


Hello.

> there are some nips (network based ips), but i never ever heard about
> host based ips. any body have known about this?

You mean that the host based IPS is one of IDSes that can detect
attacks and protects the host which it has been installed from the attacks,
don't you?
I think there are some products. For example, Symantec Internet Security,
ISS RealSecure Server sensor and so on.

Toshi Shimono

----------------------------------------------------------------------------
--
INTRUSION PREVENTION: READY FOR PRIME TIME?

IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities -
including intrusion identification, relevancy, direction, impact and
analysis - enabling a path to prevention.

Download the latest white paper "Intrusion Prevention: Myths, Challenges,
and Requirements" at: http://www.securityfocus.com/IntruVert-focus-ids




------------------------------------------------------------------------------
INTRUSION PREVENTION: READY FOR PRIME TIME?
 
IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities - 
including intrusion identification, relevancy, direction, impact and analysis - enabling a path to prevention. 
 
Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at: 
http://www.securityfocus.com/IntruVert-focus-ids