[313] in Intrusion Detection Systems
Re: Looking for intrusion detection - Tripwire isn't it
daemon@ATHENA.MIT.EDU (Dr. Frederick B. Cohen)
Tue Aug 22 20:37:08 1995
From: fc@all.net (Dr. Frederick B. Cohen)
To: ids@uow.edu.au
Date: Mon, 21 Aug 1995 19:03:25 -0400 (EDT)
In-Reply-To: <9508211832.AA00869@fishtank> from "June C. Ralph" at Aug 21, 95 02:32:25 pm
Reply-To: ids@uow.edu.au
> Bellcore has a security tool called SysGuard that has two components, a set
> of host tools and a Security Manager. The host tools reside on each host
> machine and generate logs files with information pertaining to security
> problems for that machine. The information in these files are periodically
> retrieved by the Security Manager and stored in a data base for analysis.
> There is also real time alerting when a parameter is exceeded (i.e., repeated
> login failures).
How often? Retrieved how? Tools do what?
> We also have PINGWARE and S/KEY. PINGWARE scans you TCP/IP network for know
> vulnerabilites and generates a report indicating the machines that can be
> compromised and by which method. S/KEY is a one-time password system that
> allows users to access computers from outside their secure domains and which
> does not require any hardware (e.g., batteries, credit card type IDs).
I am aware of these.
> If you want additional information about any of these products, please
> feel free to contact me.
I would like to get all the documentation you can provide including
priceing and availability.
--
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
