RE: free hIDS, or system assessment tools

Subject: RE: free hIDS, or system assessment tools
Date: Mon, 27 Sep 2004 07:33:46 -0400
Try Microsoft Baseline Security Analyzer V1.2.1
http://www.microsoft.com/technet/security/tools/mbsahome.mspx 

-----Original Message-----
From: H Carvey [mailto:keydet89@yahoo.com] 
Sent: Wednesday, September 22, 2004 1:46 PM
To: security-basics@securityfocus.com
Subject: Re: free hIDS, or system assessment tools

In-Reply-To: <65C9FE56B1EB304EA8BC65A50F218C272D53CF@HOMAIL01.alrajhi.bank>

> Are there any free System Assessment tools for windows and *nix?
> Are there any free System or host IDS for windows and *nix?

There are a couple of (free) ways to go about this, particularly on Windows
systems...

For system assessment, I'd recommend:
nmap - http://www.insecure.org
ATK - http://www.computec.ch/projekte/atk/

If you know what you're assessing against, Perl can be used to implement WMI
as well as make other calls to the system in order to obtain the necessary
information for your assessment...and even update the system to bring it in
compliance.

Perl can also be used to implement free monitoring/hIDS.  For example, if
you set your audit policy appropriately, use something like wmievt.pl
(http://patriot.net/~carvdawg/perl.html) to send Event Log entries off of
the system as they are generated.  From the same site, you can use FSW.pl to
watch for file system changes. 

HTH,

H. Carvey
http://www.windows-ir.com
http://groups.yahoo.com/group/windowsir/
