Security Basics mailing list archives
Re: HIDS
From: Daniel Cid <danielcid () yahoo com br>
Date: Mon, 7 Nov 2005 13:22:39 -0300 (ART)
Hello Leon, I would suggest for you to take a look at the OSSEC HIDS ( www.ossec.net/hids ). It has one of the most complete HIDS solutions that you can find out there. It does: -Integrity Checking -Rootkit detection -Log analysis It can easily be deployed on scalable fashion, having the "agents" forwarding events to a central server (with encryption) or locally installed on a single box. It has e-mail alerts and some other good stuff. A new version is comming soon with the option of a scalable active response (can be executed locally on the server or on the server that generated the event).. Hope it helps you. -- Daniel B. Cid, CISSP daniel.cid @ ( at ) gmail.com
--- Leon <roastin () yahoo com> escreveu: Hello, I currently use SANA for server HIDS. We are considering looking into Entercypt. Can the group suggest any other products i should be looking into? Are there server based HIDS that are comparable to Entercypt? Thanks __________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com
_______________________________________________________ Yahoo! Acesso Grátis: Internet rápida e grátis. Instale o discador agora! http://br.acesso.yahoo.com/