Re: free hIDS, or system assessment tools

From: H Carvey (
Date: 09/22/04

  • Next message: GuidoZ: "Re: Laptop Encryption & Hibernation"
    Date: 22 Sep 2004 17:45:54 -0000
    ('binary' encoding is not supported, stored as-is) In-Reply-To: <>

    >Is there any free System Assessment tools for windows and *nix
    >Is there any free System or host IDS for windows and *nix

    There are a couple of (free) ways to go about this, particularly on Windows systems...

    For system assessment, I'd recommend:
    nmap -
    ATK -

    If you know what you're assessing against, Perl can be used to implement WMI as well as make other calls to the system in order to obtain the necessary information for your assessment...and even update the system to bring it in compliance.

    Perl can also be used to implement free monitoring/hIDS. For example, if you set your audit policy appropriately, use something like ( to send Event Log entries off of the system as they are generated. From the same site, you can use to watch for file system changes.


    H. Carvey

    Computer Forensics Training at the InfoSec Institute. All of our class sizes
    are guaranteed to be 12 students or less to facilitate one-on-one
    interaction with one of our expert instructors. Gain the in-demand skills of
    a certified computer examiner, learn to recover trace data left behind by
    fraud, theft, and cybercrime perpetrators. Discover the source of computer
    crime and abuse so that it never happens again.

  • Next message: GuidoZ: "Re: Laptop Encryption & Hibernation"