A forum for reverse engineering, OS internals and malware analysis 

All off-topic discussion goes here.
 #1207  by EP_X0FF
 Tue Jun 01, 2010 4:37 am
Hello,

It is HIDS not HIPS :)
The Windows agent does the following tasks:

- Monitors the Windows event log in real time.
- Monitors IIS logs (Web, FTP, SMTP) and any other logs present on your system (including Symantec Anti-Virus, MySQL, Apache, etc.) in real time.
- Periodically checks the Windows Registry for changes.
- Periodically checks your Windows folders for changes.
- Periodically does policy verifications to make sure your system is configured properly.

What is the practical usefulness of a user-mode-based agent? Or am I missing something?

Regards.