newbie quetsions

From: Andrey Todorov (andreyt_at_gawab.com)
Date: 12/24/04

Next message: Randy Golly: "RE: what is required for an engineer to become an SECURITY engineer"

Previous message: Bob Walder: "Re: Tippingpoint IPS"
Next in thread: GuidoZ: "Re: newbie quetsions"
Reply: GuidoZ: "Re: newbie quetsions"
Reply: ken_i_m_at_elegantinnovations.net: "Re: newbie quetsions"
Reply: Fabien Degouet: "Re: newbie quetsions"
Maybe reply: Harper, Patrick: "RE: newbie quetsions"
Reply: Randy Golly: "RE: newbie quetsions"
Reply: zekker: "RE: newbie quetsions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 24 Dec 2004 16:07:30 +0100
To: focus-ids@securityfocus.com

Hi People,
I tried several times to subscribe myself to "Security Basics" mailing
list to ask my questions, but didn't succeed. Excuse me if my questions
aren't adequate to "Focus IDS" mailing list!

I'll be very gratefull if you share your opinion with me for the
following situation. I have small network (5 PCs) behind one Linux box
(iptables firewall , Pentium I 166Mhz, 32MB RAM, 4GB HDD) and want to
increase security for this network.

    1. Do I need IDS?
    2. What do you think about Snort? Can I find easy maintainable
free/opensource IDS then Snort?
    3. What IDS literature should I read?

Thank you in advance!

Andrey

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------

Next message: Randy Golly: "RE: what is required for an engineer to become an SECURITY engineer"

Previous message: Bob Walder: "Re: Tippingpoint IPS"
Next in thread: GuidoZ: "Re: newbie quetsions"
Reply: GuidoZ: "Re: newbie quetsions"
Reply: ken_i_m_at_elegantinnovations.net: "Re: newbie quetsions"
Reply: Fabien Degouet: "Re: newbie quetsions"
Maybe reply: Harper, Patrick: "RE: newbie quetsions"
Reply: Randy Golly: "RE: newbie quetsions"
Reply: zekker: "RE: newbie quetsions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Value of "richer" signatures?
... Snort, Dragon, and NFR, and I can tell you that they ... Here's an example of how the newer IDS signatures help ... Let's say you are using a simple packet grepping IDS ... > an FTP connection). ...
(Focus-IDS)
Re: ids inquisition
... Subject: ids inquisition ... Snort isn't one of them. ... Brian Caswell - CSV output plugin, ... Christian Lademann - active response, ...
(Focus-IDS)
RE: IDS recommendations
... Subject: IDS recommendations ... Snort is a relatively raw tool and that usually adds ... >> I can appreciate your comments on the ISS product. ...
(Focus-IDS)
RE: "Free" IDS
... I am very surprised noone mentioned Demarc PureSecure IDS solution. ... It cost less than 2000.00 and it runs off of the snort engine and has a big ... if you want to learn snort then just read up on it. ...
(Focus-IDS)
RE: Test tools for IDS
... "Sneeze" is great for Snort IDS. ... Captus Networks IPS 4000 ... Intrusion Prevention and Traffic Shaping Technology to: ...
(Focus-IDS)