RE: Host Based IDS Recommendations?

From: Ryan Finnesey (
Date: 10/19/03

  • Next message: Mark Teicher: "Re: Host Based IDS Recommendations?"
    Date: Sat, 18 Oct 2003 22:58:01 -0400
    To: "Dmitri Smirnov" <>, "Alvin Wong" <>

    Does anyone know if they offer service provider licensing?


    -----Original Message-----
    From: Dmitri Smirnov []
    Sent: Saturday, October 11, 2003 12:25 PM
    To: Alvin Wong
    Subject: RE: Host Based IDS Recommendations?

    I'm very happy at the moment with Cisco Security Agent (Okena
    StormWatch). It supports Solaris and Windows.
    I think Cisco promised Linux support in the future.
    I very much like everything in this product except maybe the idea of
    paying for and installing the useless VMS CW2000...
    I believe it is the best way/technology/product to detect and prevent


    On Oct 10, 2003, at 12:40 AM, Alvin Wong wrote:

    > Hi,
    > I would like to find out for Windows boxes if there are any
    > recommendations for host-based IDS. I know that for Unix there is
    > AIDE, Linux, Tripwire. What are the solutions for Windows machines?
    > Would running a software IDS that is capable of monitoring and
    > protecting the file systems a la Tripwire with signed hashes kept on
    > removable media be sufficient? If there are, what are the usual
    > suspects for host-based IDS that are used prevalently in industry? I'm
    > hoping for both free and commercial solutions.
    > Regards,
    > Alvin
