| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.GSO.4.43.0408100004010.10257-100000@parka.winternet.com> From: dufresne at winternet.com (Ron DuFresne) Subject: IDS for Windows I think one can still find portmon, and perhaps a few others, did you try a google search prior to asking here?? That's a prime place to start, then perhaps rephrase here asking for experiences others have had with a few products you find and are interested in/fits your needs/abilities? One thing about a number <most?> IDS ir portmonitoring software, they tend to show the ports they monitor for activity/action as being "open", this will attract a tad more attention to the systems they are placed upon, much as a honeypot will. Better to lock down exposed systems in most cases with a firewall that actually drops or denies all connetion/probe attempts to unwanted exposures. Firewalling remains the most effective primary besides just uninstalling or not installing in the first place, services un-needed and/or not-understood. IDS systems tend to take alot of care and feeding to make real use of them in an unwastfule manner, and they are best placed behind a firewall as one more additional warning layer should the firewall incorrectly fail-open, or die, or not start, or somehow miss something your security policy dictates. Palcing a IDS at the frontgate tends to make them so noisy that they are soon ignored anyways... Thanks, Ron DuFresne On Tue, 10 Aug 2004, Carsten Ruckelshausen wrote: > Hi, > > i'm looking for a Intrusion Detection System (host and/or net) for Windows. > It should be Free or Shareware and perhaps it could work in a Windows/Linux > network. > > Any idea ? > > > Bis denn dann, > > Carsten > ------------------------------------------------ > e-mail: carsten@...r.net > www: www.sgcr.net > mobil: +49-173-2137083 > fax: +49-6403-96187 > ------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
Powered by blists - more mailing lists