Home page logo
/

basics logo Security Basics mailing list archives

Re: Info HIDS
From: Dave Dearinger <daved () mdon-line com>
Date: Fri, 09 Jul 2004 12:43:29 -0700

Snort will provide the kind of monitoring you are asking about. Snort can be configured to monitor an entire network, and output logs in tcp dump, mySQL, MSSQL, and plain text log output. check http://www/snort.org for more information and you may find it helpful to subscribe to a mailing list such as
Snort-users () lists sourceforge net


-Dave Dearinger
-Network Administrator
-MD-Online Inc.
-daved () mdon-line com
-1-888-397-3434
=============================
Email Confidentiality Notice: The information contained in this transmission is confidential, proprietary or privileged and may be subject to protection under the law, including the Health Insurance Portability and Accountability Act (HIPAA). The message is intended for the sole use of the individual or entity to whom it is addressed. If you are not the intended recipient, you are notified that any use, distribution or copying of the message is strictly prohibited and may subject you to criminal or civil penalties. If you received this transmission in error, please contact the sender immediately by replying to this email and delete the material from any computer.

At 01:21 PM 7/8/2004 +0200, Carlos H wrote:
Hello list,

recently I have been deployment a DMZ.  I'm trying to install and
configure an HIDS (tripwire) to get intrusion's information about a Web
Server (WebServer1).

Looking on Tripwire's manual i found that is necesary (i`m not really
sure!!!) that Tripwire run on the same machime to be monitored.  I mind,
Tripwire must be installed on WebServer1.  That is not good for me!  The
question is: Exist another way to configure Tripwire (or other HIDS)
looking for detecting a remote host? Is possible to install Tripwire in
a diferent host to WebServer1?

Carlos H.


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault