Re: IDS



Dnia 03-07-2006, pon o godzinie 05:57 +0000,
Gopinath_Ramamoorthy@xxxxxxxxxx napisał(a):
Dear Team...

I have used few IDS in my network, doesn't found them working in the way i wanted.
My requirement is when there is a machine / laptop are connected to my network, which is not updated with the current Patches, Security updates which is being approved needs to be reported to the Sys admin and immediate necessary steps would be taken.
Is it possible to have this & if so suggest me the options pls.

You don't need IDS for this task (and I suggest reading what IDS are
for). I would suggest using one of the VA software. GFI Lan Guard (when
working with domain administrator rights) have such capabilities. It can
also deploy patches for you. As you probably noticed - this works only
for Windows boxes.

Other software capable of doing such task are ISS Internet Security
Scanner and Nessus. Nessus can also test missig patches in other systems
(UNIX-like). There are other programs, but haven't use them.

Of course tests can be run on a regular basis.

Regards,
Gopi

Regards

--
Michael "carstein" Melewski | "We have no future bacause our present
carstein()7thguard.net | is too volatile. We have only risk
mobile: 512 357 303 | management. The spinning of the given
JID: carstein()gentoo.pl | moment's scenarios. Pattern recognition.


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------