Host Based IDS Recommendations?

From: Alvin Wong (alvin.wong_at_b2b.com.my)
Date: 10/10/03

    To: focus-ids@securityfocus.com
    Date: 10 Oct 2003 14:40:51 +0800
    
    

    Hi,

    I would like to find out for Windows boxes if there are any
    recommendations for host-based IDS. I know that for Unix there is AIDE,
    Linux, Tripwire. What are the solutions for Windows machines? Would
    running a software IDS that is capable of monitoring and protecting the
    file systems a la Tripwire with signed hashes kept in removable media be
    sufficient? If there are, what are the usual suspects for host-based IDS
    that are used prevalently in industry? I'm hoping for both free and
    commercial solutions.

    Regards,
    Alvin
