Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Fwd: Solaris 10 x86 HIDS

from [Nomellames nunca] Network Security [Permanent Link]
Subject: Re: Fwd: Solaris 10 x86 HIDS
Date: Fri, 16 Mar 2007 18:45:01 -0400
On 3/15/07, tim_holman@hotmail.com <tim_holman@hotmail.com> wrote: 
Not quite a hids but does Tripwire count?  They have Freeware agents for 
solaris?
Have you looked at a network IPS to protect your whole web tier rather than 
host based solutions?


HIDS are different than NIDS. NIDS cannot defend against insider
attacks, for example. I am beginning to grow tired of "experts"
suggesting NIDS when HIDS have a different functionality.

And yes, Samhain, Osiris and Tripwire are HIDSs, but the use a policy
based approach (mostly integrity verification of files). That does not
disqualify them as HIDS.

Best,

-J


Rgds

Tim
Sent from my BlackBerry(r) wireless device

-----Original Message-----
From: "kevin fielder" <kevin.fielder@gmail.com>
Date: Wed, 14 Mar 2007 17:59:02
To:focus-ids@securityfocus.com
Subject: Fwd: Solaris 10 x86 HIDS

Hi

It's a commercial product, but ISS real secure server sensor supports
Solaris.  We have used it on Sparc, not x86, but this may be worth
checking out as it may well meet your needs.

Cheers

Kevin



-----Original Message-----
From: listbounce@securityfocus.com
[mailto:listbounce@securityfocus.com] On Behalf Of Brian A. Seklecki
Sent: 24 February 2007 22:13
To: tsax68@hotmail.com; Ángel Alonso-Párrizas
Cc: focus-ids@securityfocus.com; samhain-users@lists.la-samhna.de;
gateway@la-samhna.de; forum@la-samhna.de
Subject: Re: Solaris 10 x86 HIDS

Samhain will work on just about any POSIX system; plus it integrates
with Prelude.

If it fails to compile, consult the list and archives or just ping me.

Cheers,
~BAS

On Wed, 2006-12-13 at 14:13 +0000, tsax68@hotmail.com wrote:
> We are exploring the possibility of deploying Solaris 10 x86 servers in our 
web tier, and we would of course like to have it protected (somewhat) by HIDS 
software.  So far, the ONLY solution is the OSSEC product, but I want to make sure 
I'm not missing any other vendors, free or commercial.  Have  you guys come across 
any other Solaris 10 x86 HIDS products?
>
> Thanks,
>
> B-
>
> ------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to 
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
> to learn more.
> ------------------------------------------------------------------------
>
>
>
>
>
>
>
--
Brian A. Seklecki <bseklecki@collaborativefusion.com>
Collaborative Fusion, Inc.




IMPORTANT: This message contains confidential information and is
intended only for the individual named. If the reader of this message
is not an intended recipient (or the individual responsible for the
delivery of this message to an intended recipient), please be advised
that any re-use, dissemination, distribution or copying of this
message is prohibited.  Please notify the sender immediately by e-mail
if you have received this e-mail by mistake and delete this e-mail
from your system.



------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to 
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to 
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------



------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
------------------------------------------------------------------------


[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: WAS: Bittorrent - utorrent NOW: Certificate Talk, Randal T. Rioux
Next by Date:  Wired detection of rogue access points, johnnywkm
Previous by Thread:  Re: Fwd: Solaris 10 x86 HIDS, tim_holman
Next by Thread:  Re: Fwd: Solaris 10 x86 HIDS, Stefano Zanero
Indexes:  [Date] [Thread] [Top] [All Lists]