Change control features in IDS products?
From: Kohlenberg, Toby (toby.kohlenberg@intel.com)Date: 12/27/01
- Previous message: Martin Roesch: "Re: SNMP traps in Snort"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Kohlenberg, Toby" <toby.kohlenberg@intel.com> To: "'focus-ids@securityfocus.com'" <focus-ids@securityfocus.com> Date: Thu, 27 Dec 2001 02:40:54 -0800
Does anyone know of any development being done to integrate
change control features into IDS products? Have people got solutions
that they've cobbled together for this? I can see using some
source code control product to handle things like snort or dragon
config and rule files, but what about a way to identify who made
the last change to an ICEcap group config? Same thing for any other
product where you are likely to have more than one admin (I use ICEcap
as an example because it is easy to see situations where multi-admin
environments will exist, no other reason).
The simple answers are things like a text file or log book, but
what about adding a separate part of the interface where you can go
see what the recent changes have been to any section of the config? Has
anyone seen the ability to associate a short text entry with a change
when it is made?
Sorry for the overlap between these lists (I know a lot of us read both)
but I wanted to get complete coverage.
All opinions are my own and in no way reflect the views of my employer.
Toby
- Previous message: Martin Roesch: "Re: SNMP traps in Snort"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
