Announcement

Collapse
No announcement yet.

What Intrusion Detection Systems do you use on Windows?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • What Intrusion Detection Systems do you use on Windows?

    I'm after both host based and network based intrusion detection mechanisms, so I'd very much like to know what IDS people are using on Windows and what their experiences of them are.

  • #2
    Re: What Intrusion Detection Systems do you use on Windows?

    Got money? McAfee IntruShield... starting at 20K...

    McAfeeŽ - enterprise - McAfee IntruShield Security Manager Appliance:
    http://www.mcafee.com/us/enterprise/...nt_system.html


    Free? Snort is the best.
    Cheers,

    Daniel Petri
    Microsoft Most Valuable Professional - Active Directory Directory Services
    MCSA/E, MCTS, MCITP, MCT

    Comment


    • #3
      Re: What Intrusion Detection Systems do you use on Windows?

      Snort is free, and its taken over by Check Point.
      I also would go for Snort.
      Marcel
      Technical Consultant
      Netherlands
      http://www.phetios.com
      http://blog.nessus.nl

      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
      "No matter how secure, there is always the human factor."

      "Enjoy life today, tomorrow may never come."
      "If you're going through hell, keep going. ~Winston Churchill"

      Comment


      • #4
        Re: What Intrusion Detection Systems do you use on Windows?

        yeah, I was thinking along the lines of snort as well. Didn't realise it was taken over by checkpoint, still free though, right?

        I wonder what 20K gets you with McFaffee that you don't get with snort....

        -h

        Comment


        • #5
          Re: What Intrusion Detection Systems do you use on Windows?

          Well Snort is still free indeed but you need to install it by yourself and configure it...

          http://www.snort.org/
          http://thelazyadmin.com/index.php?/a...dows-2003.html

          With mcafee, you got an out-of-the-box machine, which is already working. I also thought (i'm not sure) that you can manage it with ePO...
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment


          • #6
            Re: What Intrusion Detection Systems do you use on Windows?

            sorry, please define ePO?

            edit: oh, ePolicy Orchestrator. Have never used that...

            Comment


            • #7
              Re: What Intrusion Detection Systems do you use on Windows?

              ow sorry,

              Epolicy Orchestrator. Central management tool for most Mcafee products, like AV, groupshield, etc.
              See for more over here:
              http://www.mcafee.com/us/enterprise/...hestrator.html
              Last edited by Dumber; 7th December 2006, 16:58.
              Marcel
              Technical Consultant
              Netherlands
              http://www.phetios.com
              http://blog.nessus.nl

              MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
              "No matter how secure, there is always the human factor."

              "Enjoy life today, tomorrow may never come."
              "If you're going through hell, keep going. ~Winston Churchill"

              Comment

              Working...
              X