Re: IDS Reporting
From: Nicholas Bachmann (nbachmann@mail.davison.k12.mi.us)
Date: 06/20/02
Date: Wed, 19 Jun 2002 18:49:16 -0400
From: Nicholas Bachmann <nbachmann@mail.davison.k12.mi.us>
To: focus-ids <focus-ids@securityfocus.com>
samantha myers wrote:
|I am looking for information on the reporting
|capabilities of the various NIDS. Specifically what
|type of information you can report on, how the reports
|are presented, are they easy to use, can you create
|custom reports, stuff like that.
Most of the commercial IDSs come with some kind of built-in reporting
system. Snort has tcpdump and text logs and database exports and there
are several frontends, including ACID, snortreport, and Demarc. Dragon
has dragon.db and text logs and database exports and a nifty interface
to view them. Cisco uses HP OpenView, some love it, many hate it, most
could care less.
Getting a demo of any of the above IDSs shouldn't be hard; you can make
your own judgements about what's best.
--
Regards, Nick
Nicholas Bachmann, SSCP
Unix Administrator
Davison Community Schools