Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam  Beyond Security  SecuriTeam Home  Ask the Team  Mailing Lists  Advertising Info  Blogs  Black Box Testing  Vulnerability Assessment  Vulnerability Scanner SecuriTeam in Your Inbox   E-mail this article to a friend New vulnerability? New tool? Tell us	Open HIDS - Windows Host Intrusion Detection System 8 May 2005     Credit: The information has been provided by Jeremy Pickett. To keep updated with the tool visit the project's homepage at: http://www.openhids.com/    Details Protect your website! Use an External Vulnerability Scanner! Nothing to install. First report in 1 hour! www.beyondsecurity.com/vulnerability-scanner Open HIDS is a free, near-real time host intrusion detection system. the agent supports windows clients and servers, with other operating systems planned. The agent works by examining a number of resources on the host:  * NT event log  * Registry  * File integrity  * Directories  * Services  * Users Each of the modules creates a baseline for each resource. when changes occur on the monitored agent, those changes are compared against a set of filters and rules. if the particular change is of interest, the agent sends the event to the management server. The agent currently supports communication to the management server via UDP, and also makes a local archive of each event. It is advisable to keep the management server and agents on an isolated network that cannot be packet sniffed.  Comments:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews  Related Articles Netifera - Modular Open Source Platform for Security Tools WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems Webshag - Web Server Audit Tool Browser Fuzzer FSpy - Linux Filesystem Activity Monitoring telnetrecon - Telnet Recon Zerowine Sandbox JPEG Fuzzer VNC Server Fuzzer RSH Fuzzer Exomind Browser Rider MP3 TAG Fuzzer PDFuzzer - PDF File Standard Fuzzer Miranda - UPNP Administration and Audit Tool  Featured Articles Adobe Shockwave Player Director File Parsing Pointer Overwrite Mozilla Firefox Java Applet Loading Vulnerability Microsoft Internet Explorer Security Zone Restrictions Bypass Adobe Acrobat and Reader Heap Overflow Vulnerability Adobe Reader U3D Stack Overflow Vulnerability Apple CUPS NULL Pointer Vulnerability SonicWALL Global Security Client Privilege Escalation Vulnerability
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs

Copyright © 1998-2008 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®