Re: Windows based (H)IDS

From: Bugtraq storage account (bugtrak_at_iquebec.com)
Date: 03/01/04

    Date: Mon, 01 Mar 2004 16:34:09 -0500
    To: Gregory Kane <gregory.kane@us.army.mil>
    
    
    

    Not as hard to get as one would think, as I have pretty much the same
    offering, not only free but also Open Source, along with HIDS techniques
    other than simply file integrity checking. I also made software for
    monitoring and analysing logs, so that other software can be added to the
    mix, like Snort for example, so it can be manageable over a network. I
    know there is other freely available HIDS software for Windows apart from
    what I've made (in some cases with the help of other people).

    I also happen to have commercial versions of most of this software, but
    Open Source software is something I truly believe in.

    I agree with you that Snort can be set for an individual NIC, using the -p
    option, which is great because it technically enables NIDS capabilities on
    a fully encrypted network, something we are still far from seeing as the
    norm. But still something interesting to contemplate.

    You should think about setting up a website for distributing your tools
    rather than sending them by e-mail; it makes it easier for everybody,
    including you.

    My files can be downloaded from http://securit.iquebec.com/

    Adam Richard
    SécurIT Informatique Inc.

    At 02:28 PM 01/03/2004, Gregory Kane wrote:

    >Over a year ago I threw together a quick HIDS, can be used as a NIDS or
    >DIDS, using Snort and a small, but efficient program called FileChecker.
    >As both are free, which is hard to get together in Windows, the cost is
    >the time to configure. If anyone is interested, send me an email offline
    >and I'll send you the basics of this. Yes, Snort can be set for an
    >individual NIC.

    
    
