IDS mailing list archives

RE: Host Based IDS Recommendations?

From: Usama Yehia <usamay () agisme com>
Date: Sat, 11 Oct 2003 17:49:47 +0300

You can use Secure Agent from Cisco, it has 2 versions server and desktop.
Server version can be used as HIDS for file servers and desktop version as
desktop personal firewall.

Regards,

Usama Yehia 
Senior Networking Consultant 

-----Original Message-----
From: Brian Wotring [mailto:brian () shmoo com] 
Sent: Saturday, October 11, 2003 8:47 AM
To: Alvin Wong
Cc: focus-ids () securityfocus com
Subject: Re: Host Based IDS Recommendations?


You might want to take a look at Osiris, it supports Windows NT/2K/XP:

     http://osiris.shmoo.com

On Oct 10, 2003, at 12:40 AM, Alvin Wong wrote:

Hi,

I would like to find out for Windows boxes if there are any
recommendations for Host based IDS, i know that for unix there is AIDE,
linux, tripwire. What are the solutions for Windows machines? Would
running a software IDS that is capable of monitoring and protecting the
file systems a la tripwire with signed hashes kept in removable media  
be
sufficient? If there are, what are the usual suspects for host based  
IDS
that is used prevalently in industry? I'm hoping for both free and
commercial solutions

Regards,
Alvin


----------------------------------------------------------------------- 
----
Captus Networks IPS 4000
Intrusion Prevention and Traffic Shaping Technology to:
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Automatically Control P2P, IM and Spam Traffic
 - Precisely Define and Implement Network Security & Performance  
Policies
FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
http://www.securityfocus.com/sponsor/CaptusNetworks_focus-ids_000101
----------------------------------------------------------------------- 
----

-- 
     Brian Wotring ( brian () shmoo com )
     PGP KeyID: 0x9674763D


---------------------------------------------------------------------------
Captus Networks IPS 4000
Intrusion Prevention and Traffic Shaping Technology to: 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Automatically Control P2P, IM and Spam Traffic
 - Precisely Define and Implement Network Security & Performance Policies
FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo 
http://www.securityfocus.com/sponsor/CaptusNetworks_focus-ids_000101
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Captus Networks IPS 4000
Intrusion Prevention and Traffic Shaping Technology to: 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Automatically Control P2P, IM and Spam Traffic
 - Precisely Define and Implement Network Security & Performance Policies
FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo 
http://www.securityfocus.com/sponsor/CaptusNetworks_focus-ids_000101
---------------------------------------------------------------------------

Current thread:

Host Based IDS Recommendations? Alvin Wong (Oct 10)
- Re: Host Based IDS Recommendations? Brian Wotring (Oct 10)
- Re: Host Based IDS Recommendations? Jacco Tunnissen (Oct 14)
- Re: Host Based IDS Recommendations? dreamwvr () dreamwvr com (Oct 14)
- Re: Host Based IDS Recommendations? Simon Gray (Oct 14)
- RE: Host Based IDS Recommendations? Mark E. Donaldson (Oct 15)
- <Possible follow-ups>
- RE: Host Based IDS Recommendations? Usama Yehia (Oct 14)
- RE: Host Based IDS Recommendations? Dmitri Smirnov (Oct 14)
- FW: Host Based IDS Recommendations? Zach Forsyth (Oct 14)
- RE: Host Based IDS Recommendations? Milind Nanal (Oct 15)
  - RE: Host Based IDS Recommendations? Alvin Wong (Oct 15)
- Re: Host Based IDS Recommendations? edward gonzales (Oct 17)
  - Re: Host Based IDS Recommendations? Mark Teicher (Oct 20)
- RE: Host Based IDS Recommendations? Ryan Finnesey (Oct 20)