I love it. There are a number of free security-related tools floating around these days and they seem to be of the “do more, have more features” variety. On my Windows systems at home I prefer to run ClamWin as my AV and Sygate Pro (a full version pre-Symantec purchase/dump) as my personal firewall. I’ve been using Comodo firewall for a while now on one laptop, but I really have no taken the time to baby it and nurture it and really get to know it, so I might just revert back to a Sygate install.
But I keep getting tickles to try something new. I see OSSEC has Windows agents that do things like HIDS, log analysis, registry and rootkit scanning, integrity scanning, and more on the server component. I also see CoreForce which provides a BSD-like firewall, registry and file permissions, integrity scanning, and malware prevention. Both tools are free, although the latter is Windows-bound and standalone while OSSEC likes to have a server component to shuttle data to.
It is nice to see multiple pieces getting packaged together in, hopefully, light-weight apps that won’t be hogs like NAV or your more commercial type protections. I like integrity checking, access monitoring, log scanning, and firewalling, along with the typical HIDS/behavioral analysis and malware detection/prevention. I’m just hoping these two products don’t overlap too much if I want features from both. And of course, there’s my poor ClamWin to think of.
Anyway, tools for thought. I really wish Sygate hadn’t been raped…after ZoneAlarm got dumbed down back in like 1999, Sygate was my saviour…