• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

HIPS/HIDS

N

n0cmonkey

Elite Member
I've been playing with Blink a little bit, and so far it isn't too bad. I've also been using OSSEC on my machines (except the Mac), and I definitely like it so far.

Just looking for other suggestions (both personal and enterprise).

Free is preferred, I'm poor. 😉
 
it's been many years since i looked into stuff like this but last time i was researching stuff like this, Tripwire seemed to be one of the preferred tools by security experts.
 
Originally posted by: chipy
it's been many years since i looked into stuff like this but last time i was researching stuff like this, Tripwire seemed to be one of the preferred tools by security experts.
Click to expand...

Tripwire's configuration management. 😉
 
Originally posted by: John
I prefer virtualization over HIPS, so check out PowerShadow. Here's a massive thread about it on Wilders. SandboxIE and CyberHawk are popular freeware HIPS.
Click to expand...

I'm more worried about the state of the system while its running. I checked out cyberhawk and wasn't too impressed. Plus it was only a 30 day trial.

I've heard of SandboxIE, but I haven't looked into it much. Isn't it for the browser only?
 
Have you looked at Prelude and Prewikka (the front end) pretty cool stuff IMO. It's my next home project 🙂
 
Originally posted by: DaiShan
Have you looked at Prelude and Prewikka (the front end) pretty cool stuff IMO. It's my next home project 🙂
Click to expand...

I've looked at it. Its definitely interesting, but I haven't had enough time to devote to getting it working.

OSSEC and sguil were much easier. 😉
 
Originally posted by: n0cmonkey
Originally posted by: John
I prefer virtualization over HIPS, so check out PowerShadow. Here's a massive thread about it on Wilders. SandboxIE and CyberHawk are popular freeware HIPS.
Click to expand...

I'm more worried about the state of the system while its running. I checked out cyberhawk and wasn't too impressed. Plus it was only a 30 day trial.

I've heard of SandboxIE, but I haven't looked into it much. Isn't it for the browser only?
Click to expand...

How did you miss the free version? 😕 http://www.novatix.com/GetCyberhawk/

Get the Pro version for Free from this URL: http://www.novatix.com/cyberhawk/free/

Sandboxie is not just for IE. http://www.sandboxie.com/
 
I was gonna try installing ossec on my mac today. I wanted to set it up in a temp dir so I could see what was going on before letting it barf all over my file system. The installer refused to run without root. I promptly gave up.

I might try it this weekend using vmware.
 
Originally posted by: kamper
I was gonna try installing ossec on my mac today. I wanted to set it up in a temp dir so I could see what was going on before letting it barf all over my file system. The installer refused to run without root. I promptly gave up.

I might try it this weekend using vmware.
Click to expand...

Yeah, it needs root to install files into directories only root has access to...
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top