Re: free hIDS, or system assessment tools

From: Graeme Connell (gconnell_at_middlebury.edu)
Date: 09/27/04

  • Next message: Graeme Connell: "Re: definition for Inline IDS/IPS" 
    Date: Mon, 27 Sep 2004 15:32:23 -0400
To: Fahad Al-Suwais <suwaisfa@alrajhibank.com.sa>

    Wow, broad question. The quick answer: YES. There are MANY tools of
    both types that you've mentioned. Here are a few Host / NIDS things you
    might want to take a quick look at:

        AIDE (Advanced Intrusion Detection Environment): Host based IDS
    like Tripwire
        Prelude: Hybrid IDS with modules that can act as log monitors,
    NIDS, etc.

    There are, I stress, MANY more options for you. Try going to
    Freshmeat.net and searching for "host ids" to get a few more options.

           --Graeme Connell

    Fahad Al-Suwais wrote:

    >Dear...
    >
    >As I know snort is nIDS, nessus is network assessment tool
    >
    >But
    >Is there any free System Assessment tools for windows and *nix
    >Is there any free System or host IDS for windows and *nix
    >
    >Please if you know any products let me know
    >
    >Regards,
    >
    >
    >--------------------------------------------------------------------------
    >Test Your IDS
    >
    >Is your IDS deployed correctly?
    >Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
    >Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
    >--------------------------------------------------------------------------
    >
    >
    >
    >

    --------------------------------------------------------------------------
    Test Your IDS

    Is your IDS deployed correctly?
    Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
    Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
    --------------------------------------------------------------------------

  • Next message: Graeme Connell: "Re: definition for Inline IDS/IPS"

    Relevant Pages

    • Re: Host based IDS methodology and testing
      ... Host based IDS methodology and testing ... >Any production experience with any of the above products, ... Time delays in reporting alerts are often very dependent on the ...
      (Focus-IDS)
    • RE: Host based IDS methodology and testing
      ... I've successfully deployed Snort as a HIDS on a number of production servers ... Host based IDS methodology and testing ...
      (Focus-IDS)
    • Re: IDS is dead, etc
      ... > wouldn't call 'em an IDS, I think they're something different, much ... the host. ... Ensure Reliable Performance of Mission Critical Applications ... Precisely Define and Implement Network Security and Performance Policies ...
      (Focus-IDS)
    • [fw-wiz] Corporate H/N IPS
      ... Two new categories will be Host and Network Intrusion Prevention Systems, ... IDS, they actively block traffic deemed as malicious, almost like a firewall ... previous names for a HIPS have included Network Node IDS ...
      (Firewall-Wizards)
    • H/N IPS -what is there?
      ... Prevention Systems it seemed appropriate ... Two new categories will be Host and Network Intrusion Prevention Systems, ... IDS, they actively block traffic deemed as malicious, almost like a firewall ... A HIPS will block an attack aimed at the Host upon which it is ...
      (Focus-IDS)