Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



IDS: RE: Host Based IDS Recommendations?

RE: Host Based IDS Recommendations?

From: Usama Yehia <usamay_at_agisme.com>
Date: Sat, 11 Oct 2003 17:49:47 +0300

You can use Secure Agent from Cisco, it has 2 versions server and desktop.
Server version can be used as HIDS for file servers and desktop version as
desktop personal firewall.

Regards,

Usama Yehia
Senior Networking Consultant

-----Original Message-----
From: Brian Wotring [mailto:brian_at_shmoo.com]
Sent: Saturday, October 11, 2003 8:47 AM
To: Alvin Wong
Cc: focus-ids_at_securityfocus.com
Subject: Re: Host Based IDS Recommendations?

You might want to take a look at Osiris, it supports Windows NT/2K/XP:

     http://osiris.shmoo.com

On Oct 10, 2003, at 12:40 AM, Alvin Wong wrote:

> Hi,
>
> I would like to find out for Windows boxes if there are any
> recommendations for Host based IDS, i know that for unix there is AIDE,
> linux, tripwire. What are the solutions for Windows machines? Would
> running a software IDS that is capable of monitoring and protecting the
> file systems a la tripwire with signed hashes kept in removable media
> be
> sufficient? If there are, what are the usual suspects for host based
> IDS
> that is used prevalently in industry? I'm hoping for both free and
> commercial solutions
>
> Regards,
> Alvin
>
>
> -----------------------------------------------------------------------
> ----
> Captus Networks IPS 4000
> Intrusion Prevention and Traffic Shaping Technology to:
> - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
> - Automatically Control P2P, IM and Spam Traffic
> - Precisely Define and Implement Network Security & Performance
> Policies
> FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
> http://www.securityfocus.com/sponsor/CaptusNetworks_focus-ids_000101
> -----------------------------------------------------------------------
> ----
>
> 

-- 
     Brian Wotring ( brian_at_shmoo.com )
     PGP KeyID: 0x9674763D
---------------------------------------------------------------------------
Captus Networks IPS 4000
Intrusion Prevention and Traffic Shaping Technology to: 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Automatically Control P2P, IM and Spam Traffic
 - Precisely Define and Implement Network Security & Performance Policies
FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo 
http://www.securityfocus.com/sponsor/CaptusNetworks_focus-ids_000101
---------------------------------------------------------------------------
---------------------------------------------------------------------------
Captus Networks IPS 4000
Intrusion Prevention and Traffic Shaping Technology to: 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Automatically Control P2P, IM and Spam Traffic
 - Precisely Define and Implement Network Security & Performance Policies
FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo 
http://www.securityfocus.com/sponsor/CaptusNetworks_focus-ids_000101
---------------------------------------------------------------------------
Received on Oct 15 2003
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos