You seems to be looking for a integrity checking, right? I use the OSSEC HIDS to monitor any modification on the binaries and configuration files on my systems. I install the agent on my servers and they forward any modification information to the analysis server for e-mail alerting (it also analyze the logs) ... However, it is only tested on Unix (although it should work with Cygwin on Windows).
*I know samhain runs on both Unix and Windows (using Cygwin too) and it is probably on a much stable state than the ossec hids (still on v0.2) http://www.ossec.net/hids/ http://la-samhna.de/samhain/index.html Hope it helps.. -- Daniel B. Cid, CISSP daniel.cid @ ( at ) gmail. com --- "Rivera,Angel L." <[EMAIL PROTECTED]> escreveu: > Does anyone on this list know of a sponsor that is > using HIDS to monitor > changes to a system's (Unix & Windows) > configuration? > > The goal is to build a server according to specs > (this would include > hardening of the OS + agency specific security > settings) then use a HIDS > to detect and alert on any changes. > > Theoretically speaking, I know this can be done, but > is anyone doing > this? > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to > http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > to learn more. > ------------------------------------------------------------------------ > > _______________________________________________________ Yahoo! Acesso Grátis - Internet rápida e grátis. Instale o discador agora! http://br.acesso.yahoo.com/ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
