Re: Host Based IDS
- From: jeffrey.stebelton@xxxxxxxx
- Date: Tue, 21 Oct 2008 07:40:02 -0400
Enterasys Dragon does have a HIDS product. It mainly supports IIS and
Apache on Linux as far as log monitoring; if you run other platforms like
Citrix, Apache on Windows, Lotus Domino or other web or ftp servers you'd
have to roll your own policy and signatures.
Jeff
Stefano Zanero
<s.zanero@securen
etwork.it> To
Sent by: Security Group <secgro@xxxxxxxxx>
listbounce@securi cc
tyfocus.com focus-ids@xxxxxxxxxxxxxxxxx
Subject
Re: Host Based IDS
10/20/2008 04:00
PM
Security Group wrote:
I am currently evaluating several host-based Intrusion Detection
Systems to monitor servers in a DMZ.
Which type of servers ?
OSSEC
Which is a log-based IDS...
Open Source Tripwire
This is a file alteration monitor...
IBM Proventia
Enterasys Dragon IDS/IPS
Aren't these NIDS ?
Cisco Security Agent
This is an anomaly-based HIDS...
You are comparing apples, oranges, bananas and lemons together... this
is not really productive.
I am thinking of suggesting OSSEC. Does anyone have any othersuggestions?
Maybe you should clarify with yourself what you are actually trying to
do ;-)
Stefano
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
Disclaimer: The information contained in this message is confidential and intended only for the use of the individual or entity identified. If the reader of this message is not the intended recipient, any dissemination distribution or copying of the information contained in this message is strictly prohibited. If you received this message in error, please notify the sender immediately and destroy any copies you may have. Citi, Inc and its affiliates assume no liability for data tampering or loss of confidentiality, which occur outside its direct control as a result of the use of unencrypted communications methods.
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
- Follow-Ups:
- Re: Host Based IDS
- From: JiPi DiNi
- Re: Host Based IDS
- References:
- Re: Host Based IDS
- From: Stefano Zanero
- Re: Host Based IDS
- Prev by Date: Re: Host Based IDS
- Next by Date: RE: Host Based IDS
- Previous by thread: Re: Host Based IDS
- Next by thread: Re: Host Based IDS
- Index(es):
