question

iqworksInformationQualityWorks-8937 asked

Are there any MS tools that actually allow me to monitor my home network with IDS/IPS?

I am using Windows 10 version 10.0.19044.

It was suggested to me that if I used these 3 process tools, I could monitor my network. It seems that these process tools only monitor the processes running on my computer, kind of like Task Manager.

I am still trying to find tools for monitoring my home network. I would like an IDS/IPS as well. I tried using Wireshark, but it's not an IDS/IPS.


Thanks for any suggestions or advice

windows-10-network

LimitlessTechnology-2700 answered

Hello @iqworksInformationQualityWorks-8937

It is not clear which tools you are trying to use, but if you refer to Process Explorer or Process Monitor, they are indeed oriented to the analysis of system processes and their activities.

On the other hand, Microsoft used to have 2 exceptional tools for network analysis: Network Monitor and Message Analyzer, which unfortunately have been retired after 2019.

At this moment, for Intrusion Detection (IDS), Microsoft recommends the open source tool Suricata. You can read more about it, and how to operate it, here:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-intrusion-detection-open-source-tools

Hope this helps with your query,


--If the reply is helpful, please Upvote and Accept as answer--


iqworksInformationQualityWorks-8937 answered

Thanks LT for getting back.

I tried Suricata. But it has no GUI interface. There is a third-party tool that seems like it will let Suricata work with Wireshark. Wireshark could be a GUI for it. But I couldn't get it to work last time, but I will be trying it again.

I am trying to learn how to monitor my network. I need an IDS/IPS to learn more. I am trying Snort right now. It is an IDS/IPS and works on Windows. Not sure yet if it has a GUI.
https://resources.infosecinstitute.com/topic/snort-rules-workshop-part-one/
“Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS.”

Will keep you posted for the sake of anyone else who is working on network monitoring on Windows 10.
