newbie quetsions

From: Andrey Todorov (andreyt_at_gawab.com)
Date: 12/24/04

  • Next message: Randy Golly: "RE: what is required for an engineer to become an SECURITY engineer"
    Date: Fri, 24 Dec 2004 16:07:30 +0100
    To: focus-ids@securityfocus.com
    
    

    Hi People,
    I tried several times to subscribe myself to "Security Basics" mailing
    list to ask my questions, but didn't succeed. Excuse me if my questions
    aren't adequate to "Focus IDS" mailing list!

    I'll be very gratefull if you share your opinion with me for the
    following situation. I have small network (5 PCs) behind one Linux box
    (iptables firewall , Pentium I 166Mhz, 32MB RAM, 4GB HDD) and want to
    increase security for this network.

        1. Do I need IDS?
        2. What do you think about Snort? Can I find easy maintainable
    free/opensource IDS then Snort?
        3. What IDS literature should I read?

    Thank you in advance!

    Andrey

    --------------------------------------------------------------------------
    Test Your IDS

    Is your IDS deployed correctly?
    Find out quickly and easily by testing it with real-world attacks from
    CORE IMPACT.
    Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
    to learn more.
    --------------------------------------------------------------------------


  • Next message: Randy Golly: "RE: what is required for an engineer to become an SECURITY engineer"

    Relevant Pages

    • Re: Value of "richer" signatures?
      ... Snort, Dragon, and NFR, and I can tell you that they ... Here's an example of how the newer IDS signatures help ... Let's say you are using a simple packet grepping IDS ... > an FTP connection). ...
      (Focus-IDS)
    • Re: ids inquisition
      ... Subject: ids inquisition ... Snort isn't one of them. ... Brian Caswell - CSV output plugin, ... Christian Lademann - active response, ...
      (Focus-IDS)
    • RE: IDS recommendations
      ... Subject: IDS recommendations ... Snort is a relatively raw tool and that usually adds ... >> I can appreciate your comments on the ISS product. ...
      (Focus-IDS)
    • RE: "Free" IDS
      ... I am very surprised noone mentioned Demarc PureSecure IDS solution. ... It cost less than 2000.00 and it runs off of the snort engine and has a big ... if you want to learn snort then just read up on it. ...
      (Focus-IDS)
    • RE: Test tools for IDS
      ... "Sneeze" is great for Snort IDS. ... Captus Networks IPS 4000 ... Intrusion Prevention and Traffic Shaping Technology to: ...
      (Focus-IDS)