Re: IDS evaluation

From: Scott M. Algatt (turtle@turtleshell.net)
Date: 08/22/02


Date: Thu, 22 Aug 2002 15:02:53 -0400 (EDT)
From: "Scott M. Algatt" <turtle@turtleshell.net>
To: focus-ids@securityfocus.com

The snort/acid/mysql combo is something to look at. We are running about
100 IDS machines on this setup. We created a small script that runs wget
to download new snortrules every night.

Regards,

Scott M. Algatt

On Thu, 22 Aug 2002, Frank Smith wrote:

> --On Thursday, August 22, 2002 12:25:41 -0400 Johannes Ullrich <jullrich@euclidian.com> wrote:
>
> >> I'm a Snort fan but deploying 12 of them with central management needs
> >> good expertise and multi-tool gluing skills.
> >
> > same here (snort fan). But I guess if you are comparing it to
> > commercial products like Dragon, you should consider the
> > commercial/supported version of snort from Sourcefire. I haven't
> > had a chance to use it yet. But I understand they offer a central
> > management console and a 'plug and play' appliance (hardware with
> > pre-installed snort sensor).
>
> Depending on the wheres and hows of your snort deployment, you might
> want to look at the snort-mysql-acid combination for central reporting.
>
> Frank
>
>
>


