IDS mailing list archives

Re: Replacing antivirus soft with a real IDS/IPS

From: Jeffrey.Stebelton () bisys com
Date: Tue, 13 Dec 2005 07:47:45 -0500

Like the concept of Core Force but haven't had any success with it. Have
installed on it on two Windows XP machines, both fully patched and
up-to-date. First box crashed with blue screen of death, something I
haven't seen in a long time with XP. Second box (my home box) went into a
reboot loop; had to use Safe Mode and whack Core Force to get up again.
Hope the next version is stable because, as I said, I like the concept...

js


                                                                           
             Albert Gonzalez                                               
             <albertg () gmail co                                             
             m>                                                         To 
                                       carlopmart <carlopmart () gmail com>   
             12/10/2005 02:39                                           cc 
             PM                        focus-ids () securityfocus com         
                                                                   Subject 
                                       Re: Replacing antivirus soft with a 
                                       real IDS/IPS                        
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           




CL,

You might want to take a look at coreForce[1].

From their "About" page.


CORE FORCE can be used to:
- Protect your computer from compromises by worms, virus and email-borne
malware

- Prevent your computer from being used as a staging point to amplify
attacks and compromise others

- Prevent exploitation of known bugs in the operating system and
applications running on your computer

- Prevent exploitation of unknown bugs (0-day) in the operating system
and applications running on your computer

- Detect and prevent execution of adware, spyware, trojan horses and
other malware on you computer

HTH,
Albert Gonzalez

[1] http://force.coresecurity.com


On 12/6/05, carlopmart <carlopmart () gmail com> wrote:

Hi all,

  I am going to setup a testing lab with several windows XP virtual
machines. My pourpose is to do some tests with HIDS/IPS software for
windows and not to use antivirus software. Can you recommends me some
HIDS software for windows ( free software if it is possible)?.

  And another question, will windows survive to several attacks
(virus, trojans, etc) without using antivirus software ??? Have anyone
tryied this??

Thank you very much and sorry for my bad english.

--
CL Martinez
carlopmart {at} gmail {d0t} com




--
"Success comes to the person who does today, what you are thinking of
doing tomorrow."

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------



============================================
STATEMENT OF CONFIDENTIALITY

The information contained in this electronic message and any attachments to
this message are intended for the exclusive use of the addressee(s) and may
contain confidential or privileged information. No representation is made
on its accuracy or completeness of the information contained in this
electronic message.  Certain assumptions may have been made in the
preparation of this material as of this date, and are subject to change
without notice.  If you are not the intended recipient, you are hereby
notified that any dissemination, distribution or copying of this e-mail and
any attachment(s) is strictly prohibited.

Please reply to the sender and destroy all copies of this message and any
attachments from your system.


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------

Current thread:

Replacing antivirus soft with a real IDS/IPS carlopmart (Dec 10)
- Re: Replacing antivirus soft with a real IDS/IPS Packet Man (Dec 12)
- Re: Replacing antivirus soft with a real IDS/IPS Albert Gonzalez (Dec 12)
  - Re: Replacing antivirus soft with a real IDS/IPS Jeffrey . Stebelton (Dec 15)
- Re: Replacing antivirus soft with a real IDS/IPS FinAckSyn (Dec 15)
- Re: Replacing antivirus soft with a real IDS/IPS Jason Thompson (Dec 16)
  - Re: Replacing antivirus soft with a real IDS/IPS InfoSecBOFH (Dec 18)
  - Re: Replacing antivirus soft with a real IDS/IPS Pete Herzog (Dec 21)
    - Re: Replacing antivirus soft with a real IDS/IPS carlopmart (Dec 21)