IDS mailing list archives
RE: Windows Open source/Freeware security tools
From: "Levinson, Karl" <LevinsonK () STARS-SMI com>
Date: Thu, 24 Jul 2003 12:26:03 -0400
I can't say these are the best, but here are some popular ones. Try a www.google.com or www.google.com/advanced_group_search search as well to find what you're looking for.

Firewalls:
For free network firewalls, I'm not sure why you'd look for a freeware Windows firewall when there are many more options for *nix, such as those listed at http://securityadmin.info/faq.asp#firewall

If you desire a "personal" firewall software to inspect or protect one computer, there's www.sygate.com, www.agnitum.com, www.kerio.com or some people like www.zonealarm.com

I'm not a fan of using Windows 2000/XP/2003 IPSec as a firewall due to lack of logging, but it is an option.

IDS:
www.snort.org

Log collection/archiving:
NTSYSLOG? http://sourceforge.net/projects/ntsyslog/
Event Log to Syslog? https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys
One of many possible free syslog clients: www.kiwisyslog.com
MS Log Parser from www.microsoft.com/downloads
... or try something that ports your log files to a SQL server database.
For exporting log file dumps, try pstools from www.sysinternals.com

File monitoring (like tripwire):
SIM from www.gfi.com, or some people try scripting their own using PERL etc.

Honeypots:
Honeyd? www.securityprofiling.com/honeyd/honeyd.shtml
Labrea might be worth considering: http://sourceforge.net/project/showfiles.php?group_id=70896

Etc...
What are you looking for? Try www.foundstone.com [fport, etc], www.sysinternals.com [pstools, etc.], www.mynetwatchman.com, www.dshield.org etc.