RE: Windows Open source/Freeware security tools

From: Levinson, Karl (LevinsonKSTARS-SMI.com)
Date: Thu Jul 24 2003 - 11:26:03 CDT


I can't say these are the best, but here are some popular ones. Try a
www.google.com or www.google.com/advanced_group_search search as well to
find what you're looking for.

Firewalls: For free network firewalls, I'm not sure why you'd look for a
freeware Windows firewall when there are many more options for *nix, such as
those listed at http://securityadmin.info/faq.asp#firewall

If you desire a "personal" firewall software to inspect or protect one
computer, there's www.sygate.com, www.agnitum.com, www.kerio.com or some
people like www.zonealarm.com. I'm not a fan of using Windows 2000/XP/2003
IPSec as a firewall due to lack of logging, but it is an option.

IDS: www.snort.org

Log collection/archiving:
NTSYSLOG? http://sourceforge.net/projects/ntsyslog/
Event Log to Syslog?
https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys
One of many possible free syslog clients: www.kiwisyslog.com
MS Log Parser from www.microsoft.com/downloads
... or try something that ports your log files to a SQL server database.
For exporting log file dumps, try pstools from www.sysinternals.com

File monitoring (like tripwire):
SIM from www.gfi.com, or some people try scripting their own using Perl etc.

Honeypots:
Honeyd? www.securityprofiling.com/honeyd/honeyd.shtml
Labrea might be worth considering:
http://sourceforge.net/project/showfiles.php?group_id=70896

Etc... What are you looking for? Try www.foundstone.com [fport, etc],
www.sysinternals.com [pstools, etc.], www.mynetwatchman.com, www.dshield.org
etc.
