Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Hard Drive Intergrety Status

from [Kenton Smith] Network Security [Permanent Link]
Subject: Re: Hard Drive Intergrety Status
Date: Thu, 29 Sep 2005 13:03:39 -0400 (EDT) 
Basically what you are looking for is the file
integrity checking portion of a HIDS, here is a good
primer on HIDS -
http://www.sans.org/resources/idfaq/host_based.php

Here is a Windows product -
http://www.rocksoft.com/rocksoft/veracity/index.php

If you're looking for Unix/Linux products Samhain is a
very good one -
http://la-samhna.de/samhain/

A google search for File Integrity checkers will give
you these and more.

Hope that helps,
Kenton

--- Nicolas Kramer <nicolaskf@gmail.com> wrote:


Isnt there a product that can allert, when files are
changed or
altered afther boot up, to a sertain server.
I mean as follows:
1. Computer boots up.
2. User logs in.
3. Image is made of current C: hdd.
4. if changes occur server is notified.
5. Optional: Prevents changes to happen in C:.


On 9/29/05, Kenton Smith <listsks@yahoo.ca> wrote:

Google for "host based intrusion detection" and

you'll

find lots of alternatives. If you want something

that

is centralized you'll probably have to go with a
commercial product. If you just want something

that

send an email when a change is made you may be

able to

use something open source.

Kenton

--- Nicolas Kramer <nicolaskf@gmail.com> wrote:


Can anyone help me with an aplication or method

that

can succeed in
the following task.

Check about 60 computers on LAN and all same
workgroup the local C:
harddisk for changes. And if any changes found

(as

minimal as
possible, like new folder or new suspisious

files or

something) be
reported to the server.

All the local hdd are almost exactly the same if

not

exactly the same.
Server is running win2003 and the clients are

all

WinNT

Any idea how i can accomplish this task? (mayb

like

a MD5 sum or
somthing in that way(though md5 is for files) or

an

integrety checker,
i heard about it but have no knowledge about it,

and

google isnt
helping me out atm)

Thank you very much.
Nico

--
Nico













__________________________________________________________

Find your next car at http://autos.yahoo.ca




--
Nico





        

        
                
__________________________________________________________ 
Find your next car at http://autos.yahoo.ca
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Hard Drive Intergrety Status, Nicolas Kramer
Next by Date:  Re: New Job., Will Yonker
Previous by Thread:  Re: Hard Drive Intergrety Status, Nicolas Kramer
Next by Thread:  VALN hopping, josh
Indexes:  [Date] [Thread] [Top] [All Lists]