IDS mailing list archives

RE: Windows Open source/Freeware security tools


From: "Levinson, Karl" <LevinsonK () STARS-SMI com>
Date: Thu, 24 Jul 2003 12:26:03 -0400

I can't say these are the best, but here are some popular ones.  Try a
www.google.com or www.google.com/advanced_group_search search as well to
find what you're looking for.


Firewalls: For free network firewalls, I'm not sure why you'd look for a
freeware Windows firewall when there are many more options for *nix, such as
those listed at http://securityadmin.info/faq.asp#firewall

If you desire "personal" firewall software to inspect or protect one
computer, there's www.sygate.com, www.agnitum.com, www.kerio.com, or some
people like www.zonealarm.com. I'm not a fan of using Windows 2000/XP/2003
IPSec as a firewall due to lack of logging, but it is an option.

IDS:  www.snort.org

Log collection/archiving: 
NTSYSLOG? http://sourceforge.net/projects/ntsyslog/
Event Log to Syslog?
https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys
One of many possible free syslog clients:  www.kiwisyslog.com 
MS Log Parser from www.microsoft.com/downloads
... or try something that ports your log files to a SQL server database.
For exporting log file dumps, try pstools from www.sysinternals.com 

File monitoring (like tripwire):  
SIM from www.gfi.com, or some people try scripting their own using Perl etc.

Honeypots: 
Honeyd? www.securityprofiling.com/honeyd/honeyd.shtml
Labrea might be worth considering: 
http://sourceforge.net/project/showfiles.php?group_id=70896

Etc...  What are you looking for?  Try www.foundstone.com [fport, etc],
www.sysinternals.com [pstools, etc.], www.mynetwatchman.com, www.dshield.org
etc.

