mailing list archives
Re: [PEN-TEST] Audit package
From: Mark Teicher <mark.teicher () NETWORKICE COM>
Date: Fri, 29 Sep 2000 08:47:32 -0700
CMDS then became ODS, then became Intrusion.Com.. So it has been through a
few hands and have been re-tooled a few times. ODS has some weird stuff
going on with the SEC.. ??
On Fri, 29 Sep 2000, H Carvey wrote:
Another tool to throw into the equation is KSE
Something that needs to be pointed out here...
CMDS started out as an SAIC product...but with no
customers to pay for it's development, ODS bought
it up. CMDS uses an expert system to perform
statistical profiling by user or IP. This allows
thresholds for behavior to be set...so that over
time, thresholds can be minimized, and only
statistically significant events will cause
CMDS is more than just a tool that collects logs
and dumps them into a database.
Another tool the deserves mention is SilentRunner,
from Raytheon. This is an interesting tool and
there is really no way to do it justice here...you
have to see it for yourself. This tool finds it's
origins with the intelligence community. Be
careful...it needs some pretty significant
hardware to support it's full functionality.