For HIPS fans here at Wilders: http://www.ossec.net/main/ "OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows." I have not tested it myself, but I thought some people here might be interested. Although the software runs on windows clients (not servers), a *nix server running OSSEC is needed to run event analysis. So for those having these kind of configurations (windows and/or *nix clients behind *nix server(s)) this could be a useful tool.