Re: NIDS and HIDS

• Previous message: Jose Nazario: "Re: Foolin an IDS ?"
• Next in thread: Matthew Romanek: "Re: NIDS and HIDS"
• Maybe reply: Matthew Romanek: "Re: NIDS and HIDS"
• Maybe reply: Karel Chwistek: "Re: NIDS and HIDS"
• Maybe reply: KC: "Re: NIDS and HIDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: focus-ids@securityfocus.com
Date: Tue, 30 Nov 2004 09:51:16 +0100

Hi there!

On Mon, 2004-11-29 at 21:48, Youngquist, Jason R. wrote:

> I'd like to have an analysis program that would take data from the NIDS,
> HIDS, syslog, and tripwire logs, put it all together, and be able to
> give me some useful charts and graphical summaries so management can see
> that their money was well spent in securing the organization's
> infrastructure.

Maybe you should include prelude to all of your NIDS / HIDS lists.
It's a hybrid ids and you can for example use a patched snort as
NIDS oder a patched aide as a filesystem integrity checker to log
to a centralized prelude manager machine.
You can find it here: http://prelude-ids.org/
Greets && have fun! :)

Basti

-- 
Time is a bitch.

• application/pgp-signature attachment: This is a digitally signed message part

• Previous message: Jose Nazario: "Re: Foolin an IDS ?"
• Next in thread: Matthew Romanek: "Re: NIDS and HIDS"
• Maybe reply: Matthew Romanek: "Re: NIDS and HIDS"
• Maybe reply: Karel Chwistek: "Re: NIDS and HIDS"
• Maybe reply: KC: "Re: NIDS and HIDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]