IDS: FW: Host Based IDS Recommendations?

From: Zach Forsyth <Zach.Forsyth_at_kiandra.com>
Date: Mon, 13 Oct 2003 10:43:21 +1000

Alvin,

Try here for an overview of what is on the market:
http://www.networkintrusion.co.uk/HIDS.htm

Keep an eye on this page: http://www.nss.co.uk/ForthcomingEvents/ips.htm
They are planning an IPS report for December this year.
Have a look at their other reports as they are very nicely done.

I have played around a lot with IPS/HIDS and would recommend
Okena/Cisco.
Seems to do a great job at a relatively nice price.

Haven't had time to look into open source so can't help with that
aspect.

Cheers

Z

> -----Original Message-----
> From: Alvin Wong [mailto:alvin.wong_at_b2b.com.my]
> Sent: Friday, 10 October 2003 16:41 PM
> To: focus-ids_at_securityfocus.com
> Subject: Host Based IDS Recommendations?
>
>
> Hi,
>
> I would like to find out for Windows boxes if there are any
> recommendations for Host based IDS, I know that for Unix
> there is AIDE, Linux, Tripwire. What are the solutions for
> Windows machines? Would running a software IDS that is
> capable of monitoring and protecting the file systems a la
> Tripwire with signed hashes kept in removable media be
> sufficient? If there are, what are the usual suspects for
> host based IDS that is used prevalently in industry? I'm
> hoping for both free and commercial solutions.
>
> Regards,
> Alvin

Received on Oct 15 2003
