Re: Windows based (H)IDS

[Shaiful <shaifuljahari () yahoo com>]

Hi guys,

It may seems so obvious that snort library is very
useful for detecting network based attack (HIDS or
NIDS). 

Anybody knows about any work on snort library? Last
time I checked it was only SNORTRAN by Fidelis
Security but it is a commercial product.

http://packetstormsecurity.nl/papers/IDS/SNORTRAN-wp.pdf

Regards,
Shaiful

--- Bugtraq storage account <bugtrak () iquebec com>
wrote:
> Not as hard to get as one would think, as I have
> pretty much the same 
> offering, not only free but also Open Source, along
> with other HIDS 
> techniques than simply file integrity checking.  I
> also made softwares for 
> monitoring and analysing logs, so that other
> softwares can be added to the 
> mix, like Snort for example, so it can be manageable
> over a network.  I 
> know there are other freely available HIDS softwares
> for Windows apart from 
> the ones I've made (in some cases with the help of
> other people).
>
> I also happen to have commercial versions for most
> of these softwares, but 
> Open Source software is something I truly believe
> in.
>
> I agree with you that Snort can be set for an
> individual NIC, using the -p 
> option, which is great because it technically
> enables NIDS capabilities on 
> a fully encrypted network, something we are still
> far from seeing as the 
> norm.  But still something interesting to
> contemplate.
>
> You should think about setting up a website for
> distributing your tools 
> rather than by e-mail, it makes it easier for
> everybody, including you.
>
> My files can be downloaded from
> http://securit.iquebec.com/
>
> Adam Richard
> SécurIT Informatique Inc.
>
> At 02:28 PM 01/03/2004, Gregory Kane wrote:
>
>
>
> > Over a year ago I through together a quick HIDS,
> can be used as a NIDS or 
> > DIDS, using Snort and a small, but efficient
> program called FileChecker. 
> > As both are free, which is hard to get together in
> Windows, the cost is 
> > the time to configure. If anyone is interested,
> send me an email off line 
> > and I'll send you the basics of this. Yes, Snort
> can be set for an 
> > individual NIC.
>
> ---------------------------------------------------------------------------
> > Free 30-day trial: firewall with virus/spam
> protection, URL filtering, VPN,
> > wireless security
> >
> > Protect your network against hackers, viruses, spam
> and other risks with 
> > Astaro
> > Security Linux, the comprehensive security solution
> that combines six
> > applications in one software solution for ease of
> use and lower total cost of
> > ownership.
> >
> > Download your free trial at
>
> http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
>
> ---------------------------------------------------------------------------
> >
>
> _____________________________________________________________________
> > Un mot doux à envoyer? Une sortie ciné à organiser?
> Faites le en temps
> > réel avec MSN Messenger! C'est gratuit!  
> http://ifrance.com/_reloc/m
>
> >
---------------------------------------------------------------------------
> Free 30-day trial: firewall with virus/spam
> protection, URL filtering, VPN,
> wireless security
>
> Protect your network against hackers, viruses, spam
> and other risks with Astaro
> Security Linux, the comprehensive security solution
> that combines six
> applications in one software solution for ease of
> use and lower total cost of
> ownership.
>
> Download your free trial at 
http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
>
---------------------------------------------------------------------------


__________________________________
Do you Yahoo!?
Yahoo! Search - Find what you’re looking for faster
http://search.yahoo.com

---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at 
http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
---------------------------------------------------------------------------