Re: which IDS

From: Martin Roesch (roesch@sourcefire.com)
Date: 11/14/02


Date: Thu, 14 Nov 2002 15:58:31 -0500
To: Jill Tovey <jill.tovey@bigbluedoor.com>
From: Martin Roesch <roesch@sourcefire.com>

Prelude: http://www.prelude-ids.org
Firestorm: http://www.scaramanga.co.uk/firestorm/
Hank: http://hank.sourceforge.net
BENIDS: http://www.marlboro.edu/~ttoomey/benids/
Tamandua: http://tamandua.axur.org/

These are the ones that I'm aware of these days besides Snort, there
may be one or two I'm forgetting...

      -Marty

On Tuesday, November 12, 2002, at 03:02 AM, Jill Tovey wrote:

>
>
> hi i am looking to test three different NID systems,
>
> I have at home, one win2k copmuter, one SuSE linux computer, both
> connected with a DG814 router,
>
> i will probably get snort but i need two more free ones, that i can
> test
> on these computers, i am a bit worried that i will maybe need an extra
> computer to put in the DMZ to run some, i ideally would just like two
> that
> i can run from my normal setup here
>
> it would be great if anyone can reccommend any ?
>
> Thanks,
>
> Jill
>
>

-- 
Martin Roesch - Founder/CTO, Sourcefire Inc. - (410)290-1616
Sourcefire: Snort-based Enterprise Intrusion Detection Infrastructure
roesch@sourcefire.com - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org



Relevant Pages

  • Re: Performance testing
    ... > when I'm generating noise traffic with the Smartbits. ... > 100 TCP flows from 192.168.66.9-109 random port to ... Professional Snort Sensor and Management Console appliances ... Snort: Open Source Network IDS - http://www.snort.org ...
    (Focus-IDS)
  • Re: OpenSource NIDS
    ... > want to combine a signature based NIDS with a NIDS with strict anomaly ... > model and Snort doesn't really suit, ... Snort: Open Source Network IDS - http://www.snort.org ...
    (Focus-IDS)
  • Re: [Snort-sigs] Snort Signatures for LSD-PL.NET Exploit
    ... > own custom rules file: ... > the packet (a way of increasing the speed of Snort processing packets. ... Snort: Open Source Network IDS - http://www.snort.org ...
    (Incidents)
  • Re: [more specific] Signature vs. Protocol Analysis
    ... Corporate America likes off-the-shelf software. ... I was young and na´ve back then and Snort was a lot younger too. ... Snort: Open Source Network IDS - http://www.snort.org ...
    (Focus-IDS)