Re: Info HIDS

• Previous message: Paul Kurczaba: "Re: Anti-Virus on web facing servers??"
• In reply to: Carlos H: "Info HIDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 09 Jul 2004 12:43:29 -0700
To: "Carlos H" <carloshp@cantv.net>, <security-basics@securityfocus.com>

Snort will provide the kind of monitoring you are asking about. Snort can
be configured to monitor an entire network, and output logs in tcp dump,
mySQL, MSSQL, and plain text log output.
check http://www/snort.org for more information and you may find it helpful
to subscribe to a mailing list such as
Snort-users@lists.sourceforge.net

-Dave Dearinger
-Network Administrator
-MD-Online Inc.
-daved@mdon-line.com
-1-888-397-3434
=============================
Email Confidentiality Notice: The information contained in this
transmission is confidential, proprietary or privileged and may be subject
to protection under the law, including the Health Insurance Portability and
Accountability Act (HIPAA). The message is intended for the sole use of the
individual or entity to whom it is addressed. If you are not the intended
recipient, you are notified that any use, distribution or copying of the
message is strictly prohibited and may subject you to criminal or civil
penalties. If you received this transmission in error, please contact the
sender immediately by replying to this email and delete the material from
any computer.

At 01:21 PM 7/8/2004 +0200, Carlos H wrote:
>Hello list,
>
>recently I have been deployment a DMZ. I'm trying to install and
>configure an HIDS (tripwire) to get intrusion's information about a Web
>Server (WebServer1).
>
>Looking on Tripwire's manual i found that is necesary (i`m not really
>sure!!!) that Tripwire run on the same machime to be monitored. I mind,
>Tripwire must be installed on WebServer1. That is not good for me! The
>question is: Exist another way to configure Tripwire (or other HIDS)
>looking for detecting a remote host? Is possible to install Tripwire in
>a diferent host to WebServer1?
>
>Carlos H.

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

• Previous message: Paul Kurczaba: "Re: Anti-Virus on web facing servers??"
• In reply to: Carlos H: "Info HIDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]