IDS mailing list archives
Re: Windows based (H)IDS
From: Shaiful <shaifuljahari () yahoo com>
Date: Mon, 1 Mar 2004 19:52:13 -0800 (PST)
Hi guys,

It may seem so obvious that a Snort library is very useful for detecting network-based attacks (HIDS or NIDS). Does anybody know about any work on a Snort library? Last time I checked it was only SNORTRAN by Fidelis Security, but it is a commercial product.

http://packetstormsecurity.nl/papers/IDS/SNORTRAN-wp.pdf

Regards,
Shaiful

--- Bugtraq storage account <bugtrak () iquebec com> wrote:
> Not as hard to get as one would think, as I have pretty much the same offering, not only free but also Open Source, along with other HIDS techniques than simply file integrity checking. I also made software for monitoring and analysing logs, so that other software can be added to the mix, like Snort for example, so it can be manageable over a network.
>
> I know there are other freely available HIDS software packages for Windows apart from the ones I've made (in some cases with the help of other people). I also happen to have commercial versions for most of this software, but Open Source software is something I truly believe in.
>
> I agree with you that Snort can be set for an individual NIC, using the -p option, which is great because it technically enables NIDS capabilities on a fully encrypted network, something we are still far from seeing as the norm. But still something interesting to contemplate.
>
> You should think about setting up a website for distributing your tools rather than by e-mail; it makes it easier for everybody, including you.
>
> My files can be downloaded from http://securit.iquebec.com/
>
> Adam Richard
> SécurIT Informatique Inc.
>
> At 02:28 PM 01/03/2004, Gregory Kane wrote:
> > Over a year ago I threw together a quick HIDS, can be used as a NIDS or DIDS, using Snort and a small, but efficient program called FileChecker. As both are free, which is hard to get together in Windows, the cost is the time to configure. If anyone is interested, send me an email off line and I'll send you the basics of this. Yes, Snort can be set for an individual NIC.
---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
---------------------------------------------------------------------------
Current thread:
- Windows based (H)IDS Gregory Kane (Mar 01)
- Re: Windows based (H)IDS Bugtraq storage account (Mar 01)
- Re: Windows based (H)IDS Shaiful (Mar 02)
- Re: Windows based (H)IDS Bugtraq storage account (Mar 01)