SecurityFocus

Host Based IDS Oct 20 2008 12:12PM
Security Group (secgro gmail com) (4 replies)

RE: Host Based IDS Oct 21 2008 03:00PM
Andrew Plato (andrew plato anitian com) (1 replies)

RES: Host Based IDS Oct 21 2008 04:31PM
Rafael Dreher (rafael_dreher sicredi com br) (2 replies)

Re: Host Based IDS Oct 27 2008 05:52AM
à¥ aditya mukadam à¥ (aditya mukadam gmail com)

RE: Host Based IDS Oct 21 2008 09:16PM
Andrew Plato (andrew plato anitian com) (1 replies)

RE: Host Based IDS Oct 22 2008 03:24PM
Leandro Venturini (leandro unlam edu ar)

Re: Host Based IDS Oct 21 2008 05:42AM
Dharmendra T (dbavale gmail com)

Re: Host Based IDS Oct 20 2008 08:17PM
Erik Harrison (eharrison gmail com) (2 replies)

how many servers, os variations, what kind of changes are you looking
to detect? basic file changes are easy, it's the rest of it that's
complicated and functionality will vary. past that, reporting will be
important to the managers, execs and if you have a lot of other things
to manage - to you as well.

what exactly do you want to show them, will you need to back up any
other responses with relevant data from your org? any other compliance
or security initiatives in the company that you could support with the
package or product?

On Mon, Oct 20, 2008 at 8:12 AM, Security Group <secgro (at) gmail (dot) com [email concealed]> wrote:
> Hello,
>
> I am currently evaluating several host-based Intrusion Detection
> Systems to monitor servers in a DMZ. My company only wants to monitor
> for suspecious behaviour on critical servers, without the need for a
> company wide security system. I am not interested in a network-bases
> ids because this is already covered by our company.
> The list below contains my findings so far;
>
> OSSEC
> Open Source Tripwire
> SAMHAIN
> OSIRIS
> AIDE
> Third Brigade Deep Security
> Symantec Critical System Protection
> IBM Proventia
> Enterasys Dragon IDS/IPS
> McAfee Total Protection for Endpoint
> CA Host-Based Intrusion Prevention System r8
> GFiEventsManager
> Cisco Security Agent
>
> I am thinking of suggesting OSSEC. Does anyone have any other suggestions?
>
> Thanks in advance.
>
> Kind regards,
>
> Babel Timon
>
> ------------------------------------------------------------------------

> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaig
n=intro_sfw
> to learn more.
> ------------------------------------------------------------------------

>
>

------------------------------------------------------------------------

Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaig
n=intro_sfw
to learn more.
------------------------------------------------------------------------

[ reply ]

Re: Host Based IDS Dec 01 2008 01:43PM
Security Group (secgro gmail com) (1 replies)

Re: Host Based IDS Dec 01 2008 07:41PM
Stefano Zanero (zanero elet polimi it)

Re: Host Based IDS Oct 21 2008 02:46PM
belka att net

Re: Host Based IDS Oct 20 2008 07:01PM
Stefano Zanero (s zanero securenetwork it) (3 replies)

Re: Host Based IDS Oct 21 2008 11:40AM
jeffrey stebelton citi com (1 replies)

Re: Host Based IDS Oct 21 2008 09:29PM
JiPi DiNi (jipidini gmail com)

RE: Host Based IDS Oct 20 2008 09:32PM
Kirk, James P. (JAMES P KIRK saic com)

Re: Host Based IDS Oct 20 2008 08:29PM
Brad Lhotsky (lhotskyb mail nih gov)