ids inquisition
From: Casey DeBerry (cdeberry_at_navidec.com)Date: 07/18/01
- Vorherige Nachricht: Chad Harrington: "RE: Building the Perfect IDS - AutoResponse"
- Nächste im Thread: mht_at_clark.net: "Re: ids inquisition"
- Antwort: mht_at_clark.net: "Re: ids inquisition"
- Antwort: Dr SuSE: "Re: ids inquisition"
- Reply: RJ H: "Re: ids inquisition"
- Reply: Anne Marie Tenholder: "RE: ids inquisition"
- Reply: Dr SuSE: "Re: ids inquisition"
- Reply: RJ H: "Re: ids inquisition"
- Reply: Ashworth, Robert C. [Contractor]: "RE: ids inquisition"
- Reply: McCammon, Keith: "RE: ids inquisition"
- Reply: Robert Graham: "Re: ids inquisition"
- Reply: eberkut: "Re: ids inquisition"
- Reply: Turner, Elliot: "RE: ids inquisition"
- Reply: Richard Bejtlich: "Re: ids inquisition"
- Reply: Jamie French: "Re: ids inquisition"
- Reply: Gregory M Hoglund: "RE: ids inquisition"
- Nachrichten sortiert nach: [ Datum ] [ Thread ] [ Subject ] [ Autor ] [ Attachement ]
I have a client that would like to drop about 15 Real Secure sensors on
Solaris in various nap's... The bandwidth in these location vaires from
fractional T1 to full DS3+. Guessing that the average Ultra 10 with
Real Secure installed and tuned (specific rule sets) can manage a full
T1 in terms of dropped packets... is that a false statement? Anyone
have a sensor watching DS3+ traffic? What kind of hardware requirements
am I looking at?
Should I look into other IDS software?
I reccommended snort, but they didnt like the idea of opensource simply
because of the support aspects. Read a few articles including one from
securityportal that elects "Dragon" for heavy bandwidth
implimentations... Have also talked with other vendors that swear that
there product stacked up 10X better than ISS... but they all say that,
dont they? Some real world experience would be much more satisfying..
Resources or knowledge of this would be greatly appreciated.
Thanks,
Casey DeBerry
cdeberry_at_navidec.com
- Vorherige Nachricht: Chad Harrington: "RE: Building the Perfect IDS - AutoResponse"
- Nächste im Thread: mht_at_clark.net: "Re: ids inquisition"
- Antwort: mht_at_clark.net: "Re: ids inquisition"
- Antwort: Dr SuSE: "Re: ids inquisition"
- Reply: RJ H: "Re: ids inquisition"
- Reply: Anne Marie Tenholder: "RE: ids inquisition"
- Reply: Dr SuSE: "Re: ids inquisition"
- Reply: RJ H: "Re: ids inquisition"
- Reply: Ashworth, Robert C. [Contractor]: "RE: ids inquisition"
- Reply: McCammon, Keith: "RE: ids inquisition"
- Reply: Robert Graham: "Re: ids inquisition"
- Reply: eberkut: "Re: ids inquisition"
- Reply: Turner, Elliot: "RE: ids inquisition"
- Reply: Richard Bejtlich: "Re: ids inquisition"
- Reply: Jamie French: "Re: ids inquisition"
- Reply: Gregory M Hoglund: "RE: ids inquisition"
- Nachrichten sortiert nach: [ Datum ] [ Thread ] [ Subject ] [ Autor ] [ Attachement ]
