IDS mailing list archives

RE: Entercept HIDS Question

From: <Josh.Berry () compucom com>
Date: Tue, 2 Mar 2004 12:25:05 -0600

My company bought Entercept and then immediately removed it from
production if that tells you anything.  It caused blue-screen's like
crazy, huge performance issues, and blocked an inordinate amount of
allowed traffic.  This was even in detect only mode.

-----Original Message-----
From: sam () neuroflux com [mailto:sam () neuroflux com] 
Sent: Tuesday, March 02, 2004 11:31 AM
To: focus-ids () securityfocus com
Subject: Entercept HIDS Question

Hello..  We are currently in the process of selecting a HIDS based
product, and according to the Entercept sales person, they claim that
the
product has a feature that works very much like Tripwire.

My question here, is how much overhead does it add to a server, to watch
the filesystem in real time?  And, if we already have Tripwire, would
their File Integrity checking process be enough to replace Tripwire?

And, if anyone is currently using the Entercept HIDS product, I'm
wondering how easily it can be managed (not only from the HIDS piece,
but
from the file integrity standpoint -- excluding files, creating
policies,
etc.)

Thanks!
-Sam

------------------------------------------------------------------------
---
Free 30-day trial: firewall with virus/spam protection, URL filtering,
VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with
Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total
cost of
ownership.

Download your free trial at 
http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
------------------------------------------------------------------------
---

---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
---------------------------------------------------------------------------

Current thread:

Entercept HIDS Question sam (Mar 02)
- <Possible follow-ups>
- RE: Entercept HIDS Question Josh.Berry (Mar 03)
  - Re: Entercept HIDS Question gatekeeper (Mar 04)
- RE: Entercept HIDS Question Zach Forsyth (Mar 03)
- RE: Entercept HIDS Question dlimanov (Mar 04)
- RE: Entercept HIDS Question Josh.Berry (Mar 08)
- RE: Entercept HIDS Question Ralph H. Chapman (Mar 08)
- RE: Entercept HIDS Question dlimanov (Mar 08)
- Re: Entercept HIDS Question greg gonzalez (Mar 12)
- Re: Entercept HIDS Question counterveil (Mar 12)
- RE: Entercept HIDS Question simonis (Mar 12)
- Re: Entercept HIDS Question John Bedrick (Mar 12)

(Thread continues...)