Discussion in 'polls' started by Alphalutra1, Feb 9, 2006.
WinPatrol & UnHackme.
As you already know I use Outpost with my IDS from blackice, and because I download from bittorent and other various p2p's, blackice every know and then blocks something suspicious. Call this false postives or not, but what ever it is, it seems to block various incoming connections either from browsing the net or from thw above mentioned that seem to get past my Dlink Firewall and Outpost. And before anyone asks, yes i do have my Outpost firewall configured correct. Running it with the IDS plugin, and removing more or less any allowed apps that are listed in Outpost and removing them, and allwoing them only access to the net once when they need it. Also my Dlink has every feature to protect me enabled.By the way, for the new Blackice PC Protection app, there is no way of totally disabling the firewall feature, what you have to do is select "allow all incoming connections" with the firewall settings of Blackice, works the same as disabling it. I read up on it somewhere.
I am using a home brew Perl-based Honeynet with honeypot
works for me (since about 5 years) ...
In the past, i've used Nuzzler IDS for a short period.
This soft seems to be not longuer supported by Securepoint/Nuzzler.
But it can be found at Majorgeeks for instance:
NB. WinpCap linbrary is integrated in the installer package and the service must be activated in the control panel.
This is a freeware which runs on Windows with no problems.
I suggest to run an online audit at IT-Sec in order to experiment the IDS features (see image): http://www.it-sec.de/vulchke.html