I have been looking at some Host IDS systems that mainly seem to look at known signatures of attacks, which is not proactive. I have found a system by Okena that focuses on how the system or application operates and will stop processes that deviate from normal operation. I don't know if this uses the log files as part of the analysis. I would like to get your thoughts on this and what you would recommend. Are there any other tools that you may know of?

Thx
John Reeder

_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Fri Jan 10 2003 - 14:17:34 PST