Re: Host Based IDS Recommendations?

From: edward gonzales (egon007_at_msn.com)
Date: 10/16/03

  • Next message: Alvin Wong: "Experiences with Toplayer Attack Mitigator IPS"
    To: focus-ids@securityfocus.com
    Date: Thu, 16 Oct 2003 08:11:14 -0700
    
    

    Symantec has Intruder Alert 3.6 (formerly made by Axent) with agents for
    Solaris, AIX, HP-UX, RH 7.x and Windows.
    They also have their new Symantec Host IDS 4.x products, but not all of the
    Unix variants are out yet.

    > > I would like to find out for Windows boxes if there are any
    > > recommendations for Host based IDS, I know that for Unix there is AIDE,
    > > linux, tripwire. What are the solutions for Windows machines? Would
    > > running a software IDS that is capable of monitoring and protecting the
    > > file systems a la tripwire with signed hashes kept in removable media be
    > > sufficient? If there are, what are the usual suspects for host based IDS
    > > that is used prevalently in industry? I'm hoping for both free and
    > > commercial solutions
    >
    >


