Re: Host Based IDS Recommendations?

From: Simon Gray (simong_at_desktop-guardian.com)
Date: 10/13/03

  • Next message: Joel M Snyder: "Network World IDS available"
    To: "Alvin Wong" <alvin.wong@b2b.com.my>, <focus-ids@securityfocus.com>
    Date: Mon, 13 Oct 2003 15:13:48 +0100
    
    

    > I would like to find out for Windows boxes if there are any
    > recommendations for Host based IDS, I know that for unix there is AIDE,
    > linux, tripwire. What are the solutions for Windows machines? Would
    > running a software IDS that is capable of monitoring and protecting the
    > file systems a la tripwire with signed hashes kept in removable media be
    > sufficient? If there are, what are the usual suspects for host based IDS
    > that is used prevalently in industry? I'm hoping for both free and
    > commercial solutions.

    There's a company called Trustcorps who provide a commercial solution to
    what I believe you're looking for:

    http://www.trustcorps.com/

    "Intrusion Prevention technology such as TRUSHIELD™ is designed to not only
    detect activities on the server that could damage data or that are
    unauthorised activities, but stops them dead in their tracks. Where
    Intrusion detection stops, IPS takes over, to ensure that critical systems
    are as highly protected as possible from the threats of known and unknown
    security attacks."


