IDS mailing list archives
Re: Host Based IDS
From: "JiPi DiNi" <jipidini () gmail com>
Date: Tue, 21 Oct 2008 17:29:56 -0400
On Tue, Oct 21, 2008 at 7:40 AM, <jeffrey.stebelton () citi com> wrote:
Enterasys Dragon does have a HIDS product. It mainly supports IIS and Apache on Linux as far as log monitoring; if you run other platforms like Citrix, Apache on Windows, Lotus Domino or other web or ftp servers you'd have to roll your own policy and signatures.
I personally find that the Enterasys Dragon HIDS is not that great. Mostly an LFM and you could accomplish this with another tool that would be free ;) No real shim or BOF protection. Maybe their new release is better then 6.x ... X ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- Host Based IDS Security Group (Oct 20)
- Re: Host Based IDS Stefano Zanero (Oct 20)
- Re: Host Based IDS Brad Lhotsky (Oct 21)
- RE: Host Based IDS Kirk, James P. (Oct 21)
- Message not available
- Re: Host Based IDS Stefano Zanero (Oct 21)
- Re: Host Based IDS jeffrey . stebelton (Oct 21)
- Re: Host Based IDS JiPi DiNi (Oct 22)
- Re: Host Based IDS Stefano Zanero (Oct 20)
- Re: Host Based IDS Dharmendra T (Oct 21)
- Re: Host Based IDS Erik Harrison (Oct 21)
- Re: Host Based IDS belka (Oct 21)
- RE: Host Based IDS Andrew Plato (Oct 21)
- RES: Host Based IDS Rafael Dreher (Oct 21)
- RE: Host Based IDS Andrew Plato (Oct 22)
- RE: Host Based IDS Leandro Venturini (Oct 24)
- Re: Host Based IDS ॐ aditya mukadam ॐ (Oct 27)
- RES: Host Based IDS Rafael Dreher (Oct 21)