|

Computer Security

»

Security Basics

Similar product to tripwire enterprise?

View: New views

12 Messages — Rating Filter: Alert me

	Similar product to tripwire enterprise? by zhihao-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi guys, are there any similar products to tripwire enterprise? What I do need is a solution that can monitor windows based file servers for unauthorized modification or destruction of files. Ideally the solution should also provide visibility of anyone who modified or delete files. the solution should also have good reporting capabilities. thanks for any suggestions!
	Re: Similar product to tripwire enterprise? by H. Kurth Bemis :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message What about running aide under Cygwin? http://www.cygwin.com/ and http://www.cs.tut.fi/~rammer/aide.html hth ~k On Thu, 2008-07-10 at 22:18 +0800, Zhihao wrote: > Hi guys, are there any similar products to tripwire enterprise? What I do > need is a solution that can monitor windows based file servers for > unauthorized modification or destruction of files. Ideally the solution > should also provide visibility of anyone who modified or delete files. the > solution should also have good reporting capabilities. thanks for any > suggestions! >
	Re: Similar product to tripwire enterprise? by Stephen Thornber :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hello, I am using two items together. (Much cheeper than Tripwire) SPLUNK for log correlation Honeycomb for investigation and reporting Stephen On 10 Jul 2008, at 15:18, Zhihao wrote: > Hi guys, are there any similar products to tripwire enterprise? What > I do > need is a solution that can monitor windows based file servers for > unauthorized modification or destruction of files. Ideally the > solution > should also provide visibility of anyone who modified or delete > files. the > solution should also have good reporting capabilities. thanks for any > suggestions! >
	RE: Similar product to tripwire enterprise? by Steve Anderson-5 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Take a look at Osiris http://osiris.shmoo.com/ It can natively compile for windows. Steve Anderson. -----Original Message----- From: listbounce@... [mailto:listbounce@...] On Behalf Of H. Kurth Bemis Sent: 10 July 2008 16:10 To: Zhihao Cc: security-basics@... Subject: Re: Similar product to tripwire enterprise? What about running aide under Cygwin? http://www.cygwin.com/ and http://www.cs.tut.fi/~rammer/aide.html hth ~k On Thu, 2008-07-10 at 22:18 +0800, Zhihao wrote: > Hi guys, are there any similar products to tripwire enterprise? What I do > need is a solution that can monitor windows based file servers for > unauthorized modification or destruction of files. Ideally the solution > should also provide visibility of anyone who modified or delete files. the > solution should also have good reporting capabilities. thanks for any > suggestions! > ______________________________________________ This email has been scanned by Netintelligence http://www.netintelligence.com/email BiP Solutions Limited is a company registered in Scotland with Company Number SC086146 and VAT number 383030966 and having its registered office at Park House, 300 Glasgow Road, Shawfield, Glasgow, G73 1SQ ************************************************************************** This e-mail (and any attachment) is intended only for the attention of the addressee(s). Its unauthorised use, disclosure, storage or copying is not permitted. If you are not the intended recipient, please destroyall copies and inform the sender by return e-mail. This e-mail (whether you are the sender or the recipient) may be monitored, recorded and retained by BiP Solutions Ltd. E-mail monitoring/ blocking software may be used, and e-mail content may be read at any time. You have a responsibility to ensure laws are not broken when composing or forwarding e-mails and their contents. **************************************************************************
	Re: Similar product to tripwire enterprise? by Paul Halliday :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Have you looked at OSSEC? http://www.ossec.net/ On Thu, Jul 10, 2008 at 11:18 AM, Zhihao <zhihao@...> wrote: > Hi guys, are there any similar products to tripwire enterprise? What I do > need is a solution that can monitor windows based file servers for > unauthorized modification or destruction of files. Ideally the solution > should also provide visibility of anyone who modified or delete files. the > solution should also have good reporting capabilities. thanks for any > suggestions! > >
	Re: Similar product to tripwire enterprise? by scott-44 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message If you are looking for an enterprise product, Solidcore S3 provides the functionality that you are looking for. They also have the ability to provide real-time prevention of file changes. http://solidcore.com/products/s3control.html
	RE: Similar product to tripwire enterprise? by Sheldon Malm :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I generally make a point of not pitching on these lists, but since others are chiming in ... Take a look at nCircle's CCM product - agentless solution, targeted to the enterprise. http://www.ncircle.com/index.php?s=products_ccm Sheldon Malm Director Security Research and Development nCircle Network Security http://blog.ncircle.com -----Original Message----- From: listbounce@... [mailto:listbounce@...] On Behalf Of scott@... Sent: Monday, July 14, 2008 3:24 AM To: security-basics@... Subject: Re: Similar product to tripwire enterprise? If you are looking for an enterprise product, Solidcore S3 provides the functionality that you are looking for. They also have the ability to provide real-time prevention of file changes. http://solidcore.com/products/s3control.html
	Re: Similar product to tripwire enterprise? by Gleb Paharenko-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, list. Hope, Zhihao you want mind in case I attach my question to yours. Is there software that can restore the original permissions of the files as well? AIDE seems not to be able to do this. It can only report changes, but not fix them. Not tried others yet. 2008/7/10 Zhihao <zhihao@...>: > Hi guys, are there any similar products to tripwire enterprise? What I do > need is a solution that can monitor windows based file servers for > unauthorized modification or destruction of files. Ideally the solution > should also provide visibility of anyone who modified or delete files. the > solution should also have good reporting capabilities. thanks for any > suggestions! > > -- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com http://www.linkedin.com/in/gpaharenko
	RE: Similar product to tripwire enterprise? by Mohamed Farid-2 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Solidcore is the same as Tripwire and maybe better ( www.solidcore.com ) Mohamed Farid ,CISSP,CCSP,S+ m.farid.shawara@... -----Original Message----- From: securityfocus2@... [mailto:securityfocus2@...] On Behalf Of Gleb Paharenko Sent: Tuesday, July 15, 2008 10:43 AM To: Zhihao Cc: security-basics@... Subject: Re: Similar product to tripwire enterprise? Hi, list. Hope, Zhihao you want mind in case I attach my question to yours. Is there software that can restore the original permissions of the files as well? AIDE seems not to be able to do this. It can only report changes, but not fix them. Not tried others yet. 2008/7/10 Zhihao <zhihao@...>: > Hi guys, are there any similar products to tripwire enterprise? What I do > need is a solution that can monitor windows based file servers for > unauthorized modification or destruction of files. Ideally the solution > should also provide visibility of anyone who modified or delete files. the > solution should also have good reporting capabilities. thanks for any > suggestions! > > -- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com http://www.linkedin.com/in/gpaharenko
	RE: Similar product to tripwire enterprise? by Eifrém Strinnholm Jonas :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Check SE46's solution. Been lookin on it for a while now and I am thinkin about implementing it into our DMZ policy etc. http://www.se46.se/produkter/eng_cis.shtml Best Regards, Jonas Eifrém Strinnholm IT-Security/Computer Engineer SWECO Connect AB / IT-Infrastructure Office : +46 8 695 61 68 Mobile : +4676 135 61 68 http://www.sweco.se - -- ------------------------------------------ PGP Key on pgp.mit.edu ID 0xFA737B76 -----Original Message----- From: listbounce@... [mailto:listbounce@...] On Behalf Of Mohamed Farid Sent: den 16 juli 2008 00:18 To: gpaharenko@...; 'Zhihao' Cc: security-basics@... Subject: RE: Similar product to tripwire enterprise? Solidcore is the same as Tripwire and maybe better ( www.solidcore.com ) Mohamed Farid ,CISSP,CCSP,S+ m.farid.shawara@... -----Original Message----- From: securityfocus2@... [mailto:securityfocus2@...] On Behalf Of Gleb Paharenko Sent: Tuesday, July 15, 2008 10:43 AM To: Zhihao Cc: security-basics@... Subject: Re: Similar product to tripwire enterprise? Hi, list. Hope, Zhihao you want mind in case I attach my question to yours. Is there software that can restore the original permissions of the files as well? AIDE seems not to be able to do this. It can only report changes, but not fix them. Not tried others yet. 2008/7/10 Zhihao <zhihao@...>: > Hi guys, are there any similar products to tripwire enterprise? What I do > need is a solution that can monitor windows based file servers for > unauthorized modification or destruction of files. Ideally the solution > should also provide visibility of anyone who modified or delete files. the > solution should also have good reporting capabilities. thanks for any > suggestions! > > -- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com http://www.linkedin.com/in/gpaharenko smime.p7s (4K) Download Attachment
	Re: Re: Similar product to tripwire enterprise? by Scott Small :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message If what you seek is simple detection and perms fix, but aren't as worried about forensic use, look at cfengine.
	RE: Similar product to tripwire enterprise? by jameschanlon :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Have you looked at the Prism Microsystems WhatChanged product? We have been using it and found it to be very good. http://www.prismmicrosys.com/whatChanged.php Jim Hanlon Phone US (586) 435-6231 Fax US (586) 435-6245 Website: http://www.JCHCI.com -----Original Message----- From: listbounce@... [mailto:listbounce@...] On Behalf Of Zhihao Sent: Thursday, July 10, 2008 10:19 AM To: security-basics@... Subject: Similar product to tripwire enterprise? Hi guys, are there any similar products to tripwire enterprise? What I do need is a solution that can monitor windows based file servers for unauthorized modification or destruction of files. Ideally the solution should also provide visibility of anyone who modified or delete files. the solution should also have good reporting capabilities. thanks for any suggestions!

LightInTheBox - Buy quality products at wholesale price