lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: dufresne at winternet.com (Ron DuFresne)
Subject: IDS for Windows

I think one can still find portmon, and perhaps a few others, did you try
a google search prior to asking here??  That's a prime place to start,
then perhaps rephrase here asking for experiences others have had with a
few products you find and are interested in/fits your needs/abilities?

One thing about a number <most?> IDS ir portmonitoring software, they tend
to show the ports they monitor for activity/action as being "open", this
will attract a tad more attention to the systems they are placed upon,
much as a honeypot will.  Better to lock down exposed systems in most
cases with a firewall that actually drops or denies all connetion/probe
attempts to unwanted exposures.  Firewalling remains the most effective
primary besides just uninstalling or not installing in the first place,
services un-needed and/or not-understood.

IDS systems tend to take alot of care and feeding to make real use of them
in an unwastfule manner, and they are best placed behind a firewall as one
more additional warning layer should the firewall incorrectly fail-open,
or die, or not start, or somehow miss something your security policy
dictates.  Palcing a IDS at the frontgate tends to make them so noisy that
they are soon ignored anyways...

Thanks,

Ron DuFresne

On Tue, 10 Aug 2004, Carsten Ruckelshausen wrote:

> Hi,
>
> i'm looking for a Intrusion Detection System (host and/or net) for Windows.
> It should be Free or Shareware and perhaps it could work in a Windows/Linux
> network.
>
> Any idea ?
>
>
> Bis denn dann,
>
> Carsten
> ------------------------------------------------
> e-mail:  carsten@...r.net
> www:     www.sgcr.net
> mobil:   +49-173-2137083
> fax:       +49-6403-96187
> ------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.


Powered by blists - more mailing lists