[1019] in Intrusion Detection Systems
IDS: ccMail SMTPLINK Undeliverable Message
daemon@ATHENA.MIT.EDU (ccMail SMTPLINK)
Tue Sep 16 14:20:58 1997
Date: Tue, 16 Sep 97 11:49:22 EST
From: nm@mail.amsinc.com (ccMail SMTPLINK)
To: ids@uow.edu.au
Reply-To: ids@wyrm.its.uow.edu.au
User dirk_illenberger is not defined
Original text follows
----------------------------------------------
Received: from ams.amsinc.com by mail.amsinc.com (SMTPLINK V2.11.01)
; Tue, 16 Sep 97 11:49:13 EST
Return-Path: <owner-ids@wyrm.its.uow.edu.au>
Received: from wyrm.its.uow.edu.au by ams.amsinc.com (4.1/SMI-4.1)
id AA29273; Tue, 16 Sep 97 11:55:08 EDT
Received: (from majordom@localhost)
by wyrm.its.uow.edu.au (8.8.7/8.8.6) id AAA28280
for ids-outgoing; Tue, 16 Sep 1997 00:01:22 +1000 (EST)
X-Authentication-Warning: wyrm.its.uow.edu.au: majordom set sender to owner-ids@wyrm.its.uow.edu.au using -f
Message-Id: <199709151357.JAA06002@mail.netwalk.com>
From: "Brent Huston" <bhuston@netwalk.com>
To: <ids@wyrm.its.uow.edu.au>
Subject: IDS: Re: Real-time IDS for Windows NT?
Date: Mon, 15 Sep 1997 10:07:33 -0400
X-Msmail-Priority: Normal
X-Priority: 3
X-Mailer: Microsoft Internet Mail 4.70.1155
Sender: owner-ids@uow.edu.au
Precedence: bulk
Reply-To: ids@uow.edu.au
I have worked with Real Secure from ISS and found it to be excellent. The
engine can run on either NT or Unix, while the manager must run on NT to
control the NT engines. The system provides real time ID, as well as other
network attack recognition's, traffic analysis, and even offers custom
filters and responses. The manager supports session recording for telnet
and ftp, paging, email, connection resets, and much more!!
Give me a call @ 614-351-1237 or check out the ISS page @
http://www.iss.net
Thanks!
--Brent Huston, MicroSolved
----------
> From: adamsb@un.org
> To: ids@uow.edu.au
> Subject: IDS: Real-time IDS for Windows NT?
> Date: Sunday, September 14, 1997 9:31 AM
>
> I have worked on half a dozen different networks over the past six
> years and the two most effective intrusions I saw were through
> out-of-the-box Windows NT installations with dial-up modems.
>
> Recently I ran my own command files to check the security on 12
> newly installed NT boxes and every one of them had most of it security
> turned off. This looks like it is going to be a continuing problem.
>
> Does anyone have any experience with a Windows NT based real-time
> intrusion detection system that is commercially available?
>
> Hog Farmer,
> formerly with
> Tropical Hog Improvement Programme
