[1033] in Intrusion Detection Systems
IDS: ccMail SMTPLINK Undeliverable Message
daemon@ATHENA.MIT.EDU (ccMail SMTPLINK)
Tue Sep 16 15:06:11 1997
Date: Tue, 16 Sep 97 12:05:26 EST
From: nm@mail.amsinc.com (ccMail SMTPLINK)
To: ids@uow.edu.au
Reply-To: ids@wyrm.its.uow.edu.au
User dirk_illenberger is not defined
Original text follows
----------------------------------------------
Received: from ams.amsinc.com by mail.amsinc.com (SMTPLINK V2.11.01)
; Tue, 16 Sep 97 12:05:10 EST
Return-Path: <owner-ids@wyrm.its.uow.edu.au>
Received: from wyrm.its.uow.edu.au by ams.amsinc.com (4.1/SMI-4.1)
id AA00239; Tue, 16 Sep 97 12:11:27 EDT
Received: (from majordom@localhost)
by wyrm.its.uow.edu.au (8.8.7/8.8.6) id WAA25817
for ids-outgoing; Mon, 15 Sep 1997 22:55:53 +1000 (EST)
X-Authentication-Warning: wyrm.its.uow.edu.au: majordom set sender to owner-ids@wyrm.its.uow.edu.au using -f
Message-Id: <341D32CD.F017C217@dircon.co.uk>
Date: Mon, 15 Sep 1997 14:06:21 +0100
From: Nhan San <nasaki@dircon.co.uk>
X-Mailer: Mozilla 4.01 [en] (WinNT; I)
To: ids@wyrm.its.uow.edu.au
Cc: ids@uow.edu.au
Subject: Re: IDS: Real-time IDS for Windows NT?
X-Priority: 3 (Normal)
References: <9708148742.AA874251290@mail-out.un.org>
Sender: owner-ids@uow.edu.au
Precedence: bulk
Reply-To: ids@uow.edu.au
Yep.
Try Axent's ITA- Intruder alert.
This features realtime detection based on rules defined (also predefined
rules available) by the administrator. As far as I know this is the
only product available that allows a user to create both passive and
active policies.
It is also multiplatform, and all agents can be controlled from a
central box..on unix or NT.
regards
Nhan
Confused when awake.
adamsb@un.org wrote:
> I have worked on half a dozen different networks over the past six
> years and the two most effective intrusions I saw were through
> out-of-the-box Windows NT installations with dial-up modems.
>
> Recently I ran my own command files to check the security on 12
> newly installed NT boxes and every one of them had most of it security
>
> turned off. This looks like it is going to be a continuing problem.
>
> Does anyone have any experience with a Windows NT based real-time
> intrusion detection system that is commercially available?
>
> Hog Farmer,
> formerly with
> Tropical Hog Improvement Programme
