Might want to look at AXENT Technologies, http://www.axent.com, they have a product called Intruder Alert for use on various platforms. Can call John Negron in the USA at 301-670-3562. We use this on several large govt systems and are quite pleased with its ease of use and ability to scan for whatever we need it to. Axent also provides support on known attacks and things to monitor. Hope this helps. Robb ---------- From: adamsb@un.org[SMTP:adamsb@un.org] Sent: Sunday, September 14, 1997 9:31 AM To: ids@uow.edu.au Subject: IDS: Real-time IDS for Windows NT? I have worked on half a dozen different networks over the past six years and the two most effective intrusions I saw were through out-of-the-box Windows NT installations with dial-up modems. Recently I ran my own command files to check the security on 12 newly installed NT boxes and every one of them had most of it security turned off. This looks like it is going to be a continuing problem. Does anyone have any experience with a Windows NT based real-time intrusion detection system that is commercially available? Hog Farmer, formerly with Tropical Hog Improvement Programme