IDS mailing list archives
FW: Host Based IDS Recommendations?
From: "Zach Forsyth" <Zach.Forsyth () kiandra com>
Date: Mon, 13 Oct 2003 10:43:21 +1000
Alvin, Try here for an overview of what is on the market: http://www.networkintrusion.co.uk/HIDS.htm Keep an eye on this page: http://www.nss.co.uk/ForthcomingEvents/ips.htm They are planning an IPS report for december this year. Have a look at their other reports as they are very nicely done. I have played around a lot with IPS/HIDS and would recommend Okena/Cisco. Seems to do a great job at a relatively nice price. Haven't had time to look into open source so can't help with that aspect. Cheers Z
-----Original Message----- From: Alvin Wong [mailto:alvin.wong () b2b com my] Sent: Friday, 10 October 2003 16:41 PM To: focus-ids () securityfocus com Subject: Host Based IDS Recommendations? Hi, I would like to find out for Windows boxes if there are any recommendations for Host based IDS, i know that for unix there is AIDE, linux, tripwire. What are the solutions for Windows machines? Would running a software IDS that is capable of monitoring and protecting the file systems a la tripwire with signed hashes kept in removable media be sufficient? If there are, what are the usual suspects for host based IDS that is used prevalently in industry? I'm hoping for both free and commercial solutions Regards, Alvin
--------------------------------------------------------------------------- Captus Networks IPS 4000 Intrusion Prevention and Traffic Shaping Technology to: - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Precisely Define and Implement Network Security & Performance Policies FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo http://www.securityfocus.com/sponsor/CaptusNetworks_focus-ids_000101 ---------------------------------------------------------------------------
Current thread:
- Host Based IDS Recommendations? Alvin Wong (Oct 10)
- Re: Host Based IDS Recommendations? Brian Wotring (Oct 10)
- Re: Host Based IDS Recommendations? Jacco Tunnissen (Oct 14)
- Re: Host Based IDS Recommendations? dreamwvr () dreamwvr com (Oct 14)
- Re: Host Based IDS Recommendations? Simon Gray (Oct 14)
- RE: Host Based IDS Recommendations? Mark E. Donaldson (Oct 15)
- <Possible follow-ups>
- RE: Host Based IDS Recommendations? Usama Yehia (Oct 14)
- RE: Host Based IDS Recommendations? Dmitri Smirnov (Oct 14)
- FW: Host Based IDS Recommendations? Zach Forsyth (Oct 14)
- RE: Host Based IDS Recommendations? Milind Nanal (Oct 15)
- RE: Host Based IDS Recommendations? Alvin Wong (Oct 15)
- Re: Host Based IDS Recommendations? edward gonzales (Oct 17)
- Re: Host Based IDS Recommendations? Mark Teicher (Oct 20)
- RE: Host Based IDS Recommendations? Ryan Finnesey (Oct 20)