Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

HIDS solution for NT4 machines

from [bcihak] Network Security [Permanent Link]
Subject: HIDS solution for NT4 machines
Date: 3 Oct 2005 16:51:58 -0000 
I work in a large distributed network.  We have several workstations and 
servers that are running on NT4.  I've been tasked with finding some sort of a 
HIDS (Host based Intrusion Detection System) software solution to protect these 
machines from zero day exploits, worms, and BO's.  I've looked at Cisco, Blink 
by Eeye, Destop Protector by ISS, and Primary Response by Sana Security.  None 
of these will support anything lower than NT4 SP6a.  My biggest problem is I 
have several machines that are running below SP6a and because of the flaky 
software running on these machines, I can't install SP6a without breaking the 
app.  Does anyone have any good experience with other products for NT4 
server/workstation below SP6a.

Just a side note, most of these machines will be replaced within 2 years, but 
that is a long time to leave exposed machines on the network.

Thanks!

Bcihak

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  detecting "intrusion detection", sumit . siddharth
Next by Date:  RE: Ossim, Jason A Minto
Previous by Thread:  detecting "intrusion detection", sumit . siddharth
Next by Thread:  RE: HIDS solution for NT4 machines, Jason
Indexes:  [Date] [Thread] [Top] [All Lists]