RE: Hi, I want to study IPS
From: infor) urko zurutuza (uzurutuza_at_eps.mondragon.edu)
Date: 05/13/04
- Previous message: Rob McMillen: "The release of the Honeynet Project's bootable CDROM"
- Maybe in reply to: cto: "Hi, I want to study IPS"
- Next in thread: Shawn: "RE: Hi, I want to study IPS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 13 May 2004 08:27:34 +0200 To: "Arun Vishwanathan" <arun.vishwanathan@nevisnetworks.com>, "Josh Mills" <JMills@cnbwaco.com>, "cto" <cto@kdds.co.kr>, <focus-ids@securityfocus.com>
Well, I think the better way of starting with IPS, is to play first with an IDS as Snort, and after that you should fulfill the pig with some plugins, for example:
-SnortSam (integration of Snort with Checkpoint Firewall-1)
-snort-inline (integrates Snort into a IPTables type kernel firewall), or
-flex-resp (resets connections)
This way, I could say that they turn Snort IDS in a IPS.
Urko
> -----Mensaje original-----
> De: Arun Vishwanathan [mailto:arun.vishwanathan@nevisnetworks.com]
> Enviado el: miércoles, 12 de mayo de 2004 15:27
> Para: Josh Mills; cto; focus-ids@securityfocus.com
> Asunto: RE: Hi, I want to study IPS
>
> I know of this tool called "Hogwash".
> http://sourceforge.net/projects/hogwash/
>
> I am not qualified to comment on whether it is good or bad. :-)
>
> HTH.
>
> -----Original Message-----
> From: Josh Mills [mailto:JMills@cnbwaco.com]
> Sent: Wednesday, May 12, 2004 6:51 PM
> To: Arun Vishwanathan; cto; focus-ids@securityfocus.com
> Subject: RE: Hi, I want to study IPS
>
> Are there any good open source NIPS products out there?
>
> -----Original Message-----
> From: Arun Vishwanathan [mailto:arun.vishwanathan@nevisnetworks.com]
> Sent: Wednesday, May 12, 2004 1:42 AM
> To: cto; focus-ids@securityfocus.com
> Subject: RE: Hi, I want to study IPS
>
>
> Hi Kyle,
>
> In short, NIPS is a combination of a firewall and IDS.
> An IDS will only detect intrusions whereas the NIPS will also take
> actions on the intrusions detected based on policies.
>
> Read this goop article for an intro to NIPS
> http://www.securityfocus.com/infocus/1670
>
> HTH.
> Arun
> -----Original Message-----
> From: cto [mailto:cto@kdds.co.kr]
> Sent: Wednesday, May 12, 2004 6:40 AM
> To: focus-ids@securityfocus.com
> Subject: Hi, I want to study IPS
>
> Hi,
> My name is Kyle and developer.
>
> I'm developing a NIPS(Network Intrusion Prevention System).
> I wonder what is different between NIDS and NIPS.
> Where can I acquire documents or anything that explain NIPS.
> Please let me know that.
>
> Have a nice day!!!
>
> PS: I'm sorry for poor English.
>
>
> ------------------------------------------------------------------------
> ---
>
> ------------------------------------------------------------------------
> ---
>
>
> ------------------------------------------------------------------------
> ---
>
> ------------------------------------------------------------------------
> ---
>
>
> --------------------------------------------------------------------------
> -
>
> --------------------------------------------------------------------------
> -
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: Rob McMillen: "The release of the Honeynet Project's bootable CDROM"
- Maybe in reply to: cto: "Hi, I want to study IPS"
- Next in thread: Shawn: "RE: Hi, I want to study IPS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
