Does anyone on this list know of a sponsor that is using HIDS to monitor changes to a system's (Unix & Windows) configuration? The goal is to build a server according to specs (this would include hardening of the OS + agency specific security settings) then use a HIDS to detect and alert on any changes. Theoretically speaking, I know this can be done, but is anyone doing this?
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
