How do you know if what is in various configuration files is what is supposed to be there? Did a hacker break-in and add some entries? Did a system administrator accidentally change a file? Did a security administrator make a mistake when modifying multiple lines in a firewall policy? And how do you easily restore what should be there? David Goldsmith |
David 78 Posts May 4th 2008 |
Thread locked Subscribe |
May 4th 2008 1 decade ago |
We are exploring change detection products like Tripwire, and we've spoken to two other vendors who offer competing products: SolidCore and NetPro. We hope to choose one later this year from among those 3 (or more) vendors. Our initial motive was to detect unauthorized change to reinforce change management policies. But we are learning that there is overlap between change auditing tools available and Intrusion Detection Systems and Intrusion Prevention Systems. So we may expand the requirements of our search.
|
Anonymous |
Quote |
May 5th 2008 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!