Operating System - HP-UX

Re: Host based IDS product

 
yc_2
Regular Advisor

Host based IDS product

Hi,

Is there any product in the market for host based IDS for heterogeneous environment (various Unix and Windows platforms)?

Any pointer is appreciated.


YC
Steven Sim Kok Leong
Honored Contributor

Re: Host based IDS product

Hi,

I suppose this depends on what you intend to detect, i.e. is it detecting permission changes, account creation attempts or detecting malicious network traffic to the host.

For the former, my preferences:
1) tripwire - file integrity checker
- http://www.tripwire.org

2) chkrootkit - system integrity checker
- http://www.chkrootkit.org

For the latter, my preference is snort
- http://www.snort.org

Last but not least, there is also swatch which checks system and network logs for malicious attempts.

Most of these open-source tools compile on multiple *nix platforms and have win32 ports as well.

Not sure if this is what you want. Hope this helps. Regards.

Steven Sim Kok Leong