mailing list archives
Re: [PEN-TEST] Audit package
From: H Carvey <keydet89 () YAHOO COM>
Date: Fri, 29 Sep 2000 10:10:07 -0000
Another tool to throw into the equation is KSE
Something that needs to be pointed out here...
CMDS started out as an SAIC product...but with no
customers to pay for it's development, ODS bought
it up. CMDS uses an expert system to perform
statistical profiling by user or IP. This allows
thresholds for behavior to be set...so that over
time, thresholds can be minimized, and only
statistically significant events will cause
CMDS is more than just a tool that collects logs
and dumps them into a database.
Another tool the deserves mention is SilentRunner,
from Raytheon. This is an interesting tool and
there is really no way to do it justice here...you
have to see it for yourself. This tool finds it's
origins with the intelligence community. Be
careful...it needs some pretty significant
hardware to support it's full functionality.