Re: which IDS

From: Martin Roesch (roesch@sourcefire.com)
Date: 11/14/02


Date: Thu, 14 Nov 2002 15:58:31 -0500
To: Jill Tovey <jill.tovey@bigbluedoor.com>
From: Martin Roesch <roesch@sourcefire.com>

Prelude: http://www.prelude-ids.org
Firestorm: http://www.scaramanga.co.uk/firestorm/
Hank: http://hank.sourceforge.net
BENIDS: http://www.marlboro.edu/~ttoomey/benids/
Tamandua: http://tamandua.axur.org/

These are the ones that I'm aware of these days besides Snort, there
may be one or two I'm forgetting...

      -Marty

On Tuesday, November 12, 2002, at 03:02 AM, Jill Tovey wrote:

>
>
> hi i am looking to test three different NID systems,
>
> I have at home, one win2k copmuter, one SuSE linux computer, both
> connected with a DG814 router,
>
> i will probably get snort but i need two more free ones, that i can
> test
> on these computers, i am a bit worried that i will maybe need an extra
> computer to put in the DMZ to run some, i ideally would just like two
> that
> i can run from my normal setup here
>
> it would be great if anyone can reccommend any ?
>
> Thanks,
>
> Jill
>
>

-- 
Martin Roesch - Founder/CTO, Sourcefire Inc. - (410)290-1616
Sourcefire: Snort-based Enterprise Intrusion Detection Infrastructure
roesch@sourcefire.com - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org