IDS mailing list archives
Re: IDS
From: Michał Melewski <mike () carstein kill-9 pl>
Date: Tue, 04 Jul 2006 22:42:17 +0200
Dnia 03-07-2006, pon o godzinie 05:57 +0000, Gopinath_Ramamoorthy () satyam com napisał(a):
Dear Team... I have used few IDS in my network, doesn't found them working in the way i wanted. My requirement is when there is a machine / laptop are connected to my network, which is not updated with the current Patches, Security updates which is being approved needs to be reported to the Sys admin and immediate necessary steps would be taken. Is it possible to have this & if so suggest me the options pls.
You don't need IDS for this task (and I suggest reading what IDS are for). I would suggest using one of the VA software. GFI Lan Guard (when working with domain administrator rights) have such capabilities. It can also deploy patches for you. As you probably noticed - this works only for Windows boxes. Other software capable of doing such task are ISS Internet Security Scanner and Nessus. Nessus can also test missig patches in other systems (UNIX-like). There are other programs, but haven't use them. Of course tests can be run on a regular basis.
Regards, Gopi
Regards -- Michael "carstein" Melewski | "We have no future bacause our present carstein()7thguard.net | is too volatile. We have only risk mobile: 512 357 303 | management. The spinning of the given JID: carstein()gentoo.pl | moment's scenarios. Pattern recognition. ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------