TaliskerNETWORKINTRUSION.CO.UK

• Next message: Carskadden, Rush: "Re: host ids service"
• Previous message: Danny Rodriguez: "Re: IDS on switch with multiple VLANs"
• In reply to: Fernando Trias: "Re: Host IDS"
• Next in thread: Fernando Trias: "Re: Host IDS"
• Next in thread: Greg Shipley: "TripWire (WAS: Re: Host IDS)"
• Reply: Talisker: "Re: Host IDS"
• Reply: Fernando Trias: "Re: Host IDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RE: RE: Host IDSFollowing the debate about categorising file integrity checkers as IDS, last night I was advised about a product called SecureEXE which at first glance looks like an another access control tool, but it also checks the integrity of a file every time the user tries to run it, checking not only whether the user is allowed to run that particular file but also whether whether the file has been altered. It sounds good, but has anyone any eperience of any tools like it ?
There's a few bits about it on my site under IDS > File integrity checkers
It's getting a little closer to the debated near real time requirement

Andy
http://www.networkintrusion.co.uk
Talisker's Network Security Tools List
                    '''
                 (0 0)
  ----oOO----(_)----------
  | The geek shall |
  | Inherit the earth |
  -----------------oOO----
               |__|__|
                  || ||
              ooO Ooo
taliskernetworkintrusion.co.uk

The opinions contained within this transmission are entirely my own, and do
not necessarily reflect those of my employer.
 

• Next message: Carskadden, Rush: "Re: host ids service"
• Previous message: Danny Rodriguez: "Re: IDS on switch with multiple VLANs"
• In reply to: Fernando Trias: "Re: Host IDS"
• Next in thread: Fernando Trias: "Re: Host IDS"
• Next in thread: Greg Shipley: "TripWire (WAS: Re: Host IDS)"
• Reply: Talisker: "Re: Host IDS"
• Reply: Fernando Trias: "Re: Host IDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]