On 3/15/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Not quite a hids but does Tripwire count? They have Freeware agents for solaris? Have you looked at a network IPS to protect your whole web tier rather than host based solutions?
HIDS are different than NIDS. NIDS cannot defend against insider attacks, for example. I am beginning to grow tired of "experts" suggesting NIDS when HIDS have a different functionality. And yes, Samhain, Osiris and Tripwire are HIDSs, but the use a policy based approach (mostly integrity verification of files). That does not disqualify them as HIDS. Best, -J
Rgds Tim Sent from my BlackBerry(r) wireless device -----Original Message----- From: "kevin fielder" <[EMAIL PROTECTED]> Date: Wed, 14 Mar 2007 17:59:02 To:[email protected] Subject: Fwd: Solaris 10 x86 HIDS Hi It's a commercial product, but ISS real secure server sensor supports Solaris. We have used it on Sparc, not x86, but this may be worth checking out as it may well meet your needs. Cheers Kevin -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian A. Seklecki Sent: 24 February 2007 22:13 To: [EMAIL PROTECTED]; Ángel Alonso-Párrizas Cc: [email protected]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Solaris 10 x86 HIDS Samhain will work on just about any POSIX system; plus it integrates with Prelude. If it fails to compile, consult the list and archives or just ping me. Cheers, ~BAS On Wed, 2006-12-13 at 14:13 +0000, [EMAIL PROTECTED] wrote: > We are exploring the possibility of deploying Solaris 10 x86 servers in our web tier, and we would of course like to have it protected (somewhat) by HIDS software. So far, the ONLY solution is the OSSEC product, but I want to make sure I'm not missing any other vendors, free or commercial. Have you guys come across any other Solaris 10 x86 HIDS products? > > Thanks, > > B- > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw > to learn more. > ------------------------------------------------------------------------ > > > > > > > -- Brian A. Seklecki <[EMAIL PROTECTED]> Collaborative Fusion, Inc. IMPORTANT: This message contains confidential information and is intended only for the individual named. If the reader of this message is not an intended recipient (or the individual responsible for the delivery of this message to an intended recipient), please be advised that any re-use, dissemination, distribution or copying of this message is prohibited. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
