B
BillR
Susan Bugher said:Nominations are now open for the the 2004 Pricelessware list.
GFI LANguard System Integrity Monitor Features
Security File & Directory Integrity Monitor
Files File & Directory Integrity Monitor
(I'm getting DNS errors trying to reach pricelessware.org, so these
are just guesses.)
http://www.gfi.com/lansim/
(Mixed excerpts from site)
GFI LANguard System Integrity Monitor (S.I.M.) is a utility that
provides intrusion detection by checking whether files have been
changed, added or deleted on a Windows 2000/XP system.
GFI LANguard S.I.M. scans your system for important system files,
computes an MD 5 checksum for every important system and files this in
a database. At scheduled intervals, GFI LANguard S.I.M. scans the list
of monitored files, computes another MD 5 checksum [a unique 128 bit
hash "fingerprint"] and tests the current value against the stored
value to determine if the file has been modified. If it detects a
change, it notifies the system administrator via email, and logs the
occurrence in the security event log.
GFI LANguard S.I.M.'s file integrity checking runs in the background
as a service. [It] allows you to create multiple scan jobs, so that
you can monitor different types of files at different intervals.
A system integrity monitor is an essential tool in scanning your
systems for intrusions. The following are the main benefits:
• Detect intruders on a system - Because it is very difficult to
compromise a system without altering a system file, a system integrity
monitor is a good way to detect a system intrusion.
• Gather evidence - GFI LANguard S.I.M. allows you to gather evidence
of the intrusion. This may help in a criminal investigation. It will
also help you to learn about hackers' intentions.
• Find source of intrusion - GFI LANguard S.I.M. can also help in
determining what in the system may have caused a system compromise.
• System recovery - GFI LANguard S.I.M. logs exactly which files have
changed, allowing you to relatively easily restore the system to its
original state. Damage from viruses can easily be detected and all of
the infected files identified quickly.
• Watch your web site - You can configure GFI LANguard S.I.M. to
monitor not only operating system files but also your images, CGI
programs, Active Server pages and HTML files for unauthorized changes.
If your system is breached and your web site defaced, GFI LANguard
S.I.M. will notify you, enabling you to take immediate action.
BillR