Info HIDS

From: Carlos H (carloshp_at_cantv.net)
Date: 07/08/04

Next message: Austin Godber: "Re: RFMON detection"

Previous message: Kenton Smith: "RE: LOGON_USER through https tunnel"
In reply to: Alessandro Bottonelli: "Security Organization in Banks"
Next in thread: Don Voss: "Re: Info HIDS"
Reply: Don Voss: "Re: Info HIDS"
Reply: captgoodnight_at_acsalaska.net: "Re: Info HIDS"
Reply: Daniel Cid: "Re: Info HIDS"
Maybe reply: Arun Vishwanathan: "RE: Info HIDS"
Reply: Dave Dearinger: "Re: Info HIDS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <security-basics@securityfocus.com>
Date: Thu, 8 Jul 2004 13:21:48 +0200

Hello list,

recently I have been deployment a DMZ. I'm trying to install and
configure an HIDS (tripwire) to get intrusion's information about a Web
Server (WebServer1).

Looking on Tripwire's manual i found that is necesary (i`m not really
sure!!!) that Tripwire run on the same machime to be monitored. I mind,
Tripwire must be installed on WebServer1. That is not good for me! The
question is: Exist another way to configure Tripwire (or other HIDS)
looking for detecting a remote host? Is possible to install Tripwire in
a diferent host to WebServer1?

Carlos H.

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Next message: Austin Godber: "Re: RFMON detection"

Previous message: Kenton Smith: "RE: LOGON_USER through https tunnel"
In reply to: Alessandro Bottonelli: "Security Organization in Banks"
Next in thread: Don Voss: "Re: Info HIDS"
Reply: Don Voss: "Re: Info HIDS"
Reply: captgoodnight_at_acsalaska.net: "Re: Info HIDS"
Reply: Daniel Cid: "Re: Info HIDS"
Maybe reply: Arun Vishwanathan: "RE: Info HIDS"
Reply: Dave Dearinger: "Re: Info HIDS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Info HIDS
... you need to install tripwire on that specific ... > looking for detecting a remote host? ... to facilitate one-on-one interaction with one of our expert instructors. ...
(Security-Basics)
Re: Info HIDS
... On Thursday 08 July 2004 03:21 am, Carlos H wrote: ... > configure an HIDS (tripwire) to get intrusion's information about a Web ... Is possible to install Tripwire in ... CDRs are a good way to keep binaries honest, chkrootkit is also used from the CDR. ...
(Security-Basics)
Re: Tripwire
... Tripwire is a good tool for detecting intrusions that needs to be used as ... as immediately after a fresh install from known-good media. ... you do have that baseline for comparison. ...
(comp.os.linux.security)
RE: Info HIDS
... A HIDS has to be installed on the host that it is supposed to protect. ... configure an HIDS (tripwire) to get intrusion's information about a Web ... Tripwire must be installed on WebServer1. ... Is possible to install Tripwire in ...
(Security-Basics)
Re: system cracked, /bin problems
... script from your Knoppix boot. ... Be sure to fetch and install all of the updated RPMs from Red Hat ... You can also consider switching distributions. ... You'll want to install something like tripwire, ...
(comp.unix.admin)