[312] in Intrusion Detection Systems
Re: Looking for intrusion detection - Tripwire isn't it
daemon@ATHENA.MIT.EDU (June C. Ralph)
Mon Aug 21 18:48:35 1995
To: ids@uow.edu.au
In-Reply-To: Your message of "Sat, 19 Aug 95 18:41:24 EDT."
<9508192241.AA03879@all.net>
Date: Mon, 21 Aug 95 14:32:25 -0400
From: "June C. Ralph" <ralph1@bae.bellcore.com>
Reply-To: ids@uow.edu.au
Bellcore has a security tool called SysGuard that has two components, a set
of host tools and a Security Manager. The host tools reside on each host
machine and generate logs files with information pertaining to security
problems for that machine. The information in these files are periodically
retrieved by the Security Manager and stored in a data base for analysis.
There is also real time alerting when a parameter is exceeded (i.e., repeated
login failures).
We also have PINGWARE and S/KEY. PINGWARE scans you TCP/IP network for know
vulnerabilites and generates a report indicating the machines that can be
compromised and by which method. S/KEY is a one-time password system that
allows users to access computers from outside their secure domains and which
does not require any hardware (e.g., batteries, credit card type IDs).
If you want additional information about any of these products, please
feel free to contact me.
--
June
>-------------------------------June C. Ralph
> Security & Data Services Dev. Group
> ralph1@cc.bellcore.com
> RRC-1A216
> (908) 699-4647
