Intrusion detection systems

I need recommendation for Intrusion Detection system where it can report and tell you what files has been changed and/or lock it down and prevent changing.  I used Snort a while back and wonder if this is a good product or need any alternatives.
Please advice.
LVL 17
Who is Participating?

Improve company productivity with a Business Account.Sign Up

Kevin HaysConnect With a Mentor IT AnalystCommented:
Well lots of people have probably used snort since it's open source.  You have winsnort also for windows if i'm not mistaking.

You should have a IPS along with the IDS to have a solid security foundation.  The rules you apply in the IDS goes a long way in making it more secure and detailed also.

There are also enterprise class IDS/IPS out there also, but for most snort is good.
Tiras25Author Commented:
Bystorm product.  Anyone heard of that?

FileSure for Windows
FileSure for Windows leverages patent-pending technology that operates outside of native-Windows ACLs (Access Control Lists) to provide file access auditing, file access control, and data loss protection.
FileSure is a policy-based product (rules) that is easily configured and managed from a single location. FileSure complements your existing user and group permissions and eliminates the need for you to ever touch an ACL again!
pand0ra_usaConnect With a Mentor Commented:
You are not necessarily looking for an IDS but a Integrity checker. Windows has one built in for Microsoft specific files called sigverif. If you are looking for a comprehensive application I've used 3rd Brigade in the past that installs an agent on each machine you want to monitor. It does anti virus, firewall, HIDS (detect and/or prevent), integrity checking, and log monitoring.
Tiras25Author Commented:
Interesting idea.  How 'comprehensive' app would be different than sigverif from MS.  Maybe that MS tool would be just enough for me.
pand0ra_usaConnect With a Mentor Commented:
From an integrity checker standpoint, 3rd Brigade will verify any file or folder you define whereas sigverif.exe will only do windows files that have been singed by Microsoft.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.