Re: IDS

[Michał Melewski <mike () carstein kill-9 pl>]

Dnia 03-07-2006, pon o godzinie 05:57 +0000,
Gopinath_Ramamoorthy () satyam com napisał(a):
> Dear Team...
>
> I have used few IDS in my network, doesn't found them working in the way i wanted.
> My requirement is when there is a machine / laptop are connected to my network, which is not updated with the current 
> Patches, Security updates which is being approved needs to be reported to the Sys admin and immediate necessary steps 
> would be taken.
> Is it possible to have this & if so suggest me the options pls.

You don't need IDS for this task (and I suggest reading what IDS are
for). I would suggest using one of the VA software. GFI Lan Guard (when
working with domain administrator rights) have such capabilities. It can
also deploy patches for you. As you probably noticed - this works only
for Windows boxes.

Other software capable of doing such task are ISS Internet Security
Scanner and Nessus. Nessus can also test missig patches in other systems
(UNIX-like). There are other programs, but haven't use them.

Of course tests can be run on a regular basis.

> Regards,
> Gopi

Regards

-- 
Michael "carstein" Melewski  |  "We have no future bacause our present  
carstein()7thguard.net       |  is too volatile. We have only risk 
mobile: 512 357 303          |  management. The spinning of the given 
JID: carstein()gentoo.pl     |  moment's scenarios. Pattern recognition.


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------