[logs] Host IDS

From: John Reeder (reederat_private)
Date: Fri Jan 10 2003 - 13:21:06 PST

    I have been looking at some Host IDS systems that mainly seem to look at
    known signatures of attacks, which is not proactive. I have found a system by
    Okena that focuses on how the system or application operates and will stop
    processes that deviate from the normal operation. I don't know if this uses
    the log files as part of the analysis. I would like to get your thoughts on
    this and what you would recommend. Are there any other tools that you may
    know of?
    John Reeder
    LogAnalysis mailing list
