IDS mailing list archives

Host Based IDS

From: "Security Group" <secgro () gmail com>
Date: Mon, 20 Oct 2008 14:12:52 +0200

Hello,

I am currently evaluating several host-based Intrusion Detection
Systems to monitor servers in a DMZ. My company only wants to monitor
for suspecious behaviour on critical servers, without the need for a
company wide security system. I am not interested in a network-bases
ids because this is already covered by our company.
The list below contains my findings so far;

OSSEC
Open Source Tripwire
SAMHAIN
OSIRIS
AIDE
Third Brigade Deep Security
Symantec Critical System Protection
IBM Proventia
Enterasys Dragon IDS/IPS
McAfee Total Protection for Endpoint
CA Host-Based Intrusion Prevention System r8
GFiEventsManager
Cisco Security Agent

I am thinking of suggesting OSSEC. Does anyone have any other suggestions?

Thanks in advance.

Kind regards,

Babel Timon

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------

Current thread:

Host Based IDS Security Group (Oct 20)
- Re: Host Based IDS Stefano Zanero (Oct 20)
  - Re: Host Based IDS Brad Lhotsky (Oct 21)
  - RE: Host Based IDS Kirk, James P. (Oct 21)
  - Message not available
    - Re: Host Based IDS Stefano Zanero (Oct 21)
  - Re: Host Based IDS jeffrey . stebelton (Oct 21)
    - Re: Host Based IDS JiPi DiNi (Oct 22)
- Re: Host Based IDS Dharmendra T (Oct 21)
- Re: Host Based IDS Erik Harrison (Oct 21)
  - Re: Host Based IDS belka (Oct 21)
- RE: Host Based IDS Andrew Plato (Oct 21)

(Thread continues...)