Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Intrusion detection systems

Posted on 2012-03-27
5
Medium Priority
?
747 Views
Last Modified: 2013-11-29
I need recommendation for Intrusion Detection system where it can report and tell you what files has been changed and/or lock it down and prevent changing.  I used Snort a while back and wonder if this is a good product or need any alternatives.
Please advice.
0
Comment
Question by:Tiras25
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 16

Accepted Solution

by:
Kevin Hays earned 668 total points
ID: 37774877
Well lots of people have probably used snort since it's open source.  You have winsnort also for windows if i'm not mistaking.

You should have a IPS along with the IDS to have a solid security foundation.  The rules you apply in the IDS goes a long way in making it more secure and detailed also.

There are also enterprise class IDS/IPS out there also, but for most snort is good.
0
 
LVL 17

Author Comment

by:Tiras25
ID: 37797735
Bystorm product.  Anyone heard of that?
http://www.bystorm.com/products-overview.html

====================
FileSure for Windows
FileSure for Windows leverages patent-pending technology that operates outside of native-Windows ACLs (Access Control Lists) to provide file access auditing, file access control, and data loss protection.
FileSure is a policy-based product (rules) that is easily configured and managed from a single location. FileSure complements your existing user and group permissions and eliminates the need for you to ever touch an ACL again!
0
 
LVL 10

Assisted Solution

by:pand0ra_usa
pand0ra_usa earned 1332 total points
ID: 37803021
You are not necessarily looking for an IDS but a Integrity checker. Windows has one built in for Microsoft specific files called sigverif. If you are looking for a comprehensive application I've used 3rd Brigade in the past that installs an agent on each machine you want to monitor. It does anti virus, firewall, HIDS (detect and/or prevent), integrity checking, and log monitoring.
0
 
LVL 17

Author Comment

by:Tiras25
ID: 37803098
Interesting idea.  How 'comprehensive' app would be different than sigverif from MS.  Maybe that MS tool would be just enough for me.
0
 
LVL 10

Assisted Solution

by:pand0ra_usa
pand0ra_usa earned 1332 total points
ID: 37803244
From an integrity checker standpoint, 3rd Brigade will verify any file or folder you define whereas sigverif.exe will only do windows files that have been singed by Microsoft.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question