Home page logo

basics logo Security Basics mailing list archives

Re: Host Based Intrusion Detection System Recommendations
From: krymson () gmail com
Date: Wed, 20 Apr 2011 14:29:22 -0600

From your description, my first reaction is to point you away from host-based IDS and over instead fo Data Loss 
Prevention (DLP) tools on the endpoint.

Either way, there aren't any options, in my opinion, that are truly inexpensive. For some, the up-front capital expense 
is the only thing that matters, so go open source like OSSEC (or OpenDLP). But others like to take into consideration 
the time spent supporting and caring for the tools or ease of knowledge-transfer, in which case you're going to spend 
more time poking at "free" things and less time with polished enterprise solutions (Symantec, McAfee, etc.).

<- snip ->
Hello Group,

I was hoping that I can get some help with making a recommendation to the agency I currently work for in regards to a 
Host Based Intrusion Detection System. I was asked to make some recommendations, but it must be inexpensive. The HIDS 
would be mainly used to set off alerts on unauthorized access to certain resources on sensitive information stored on a 
Windows 2008 Enterprise Server edition. It will also be used to monitor access to the resources as well.

Does anybody know of any economical ones? I would also like to know what is being used out their even if they are in 
the high end pricing just to provide options.

Thank you in advance?

Fili Moreno

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]