Re: Intrushield vs. ISS once more...
From: Jason (security_at_brvenik.com)
Date: 01/06/05
- Previous message: Jason: "Re: newbie quetsions"
- Maybe in reply to: Chris Brown: "Re: Intrushield vs. ISS once more..."
- Next in thread: Chris Brown: "RE: Intrushield vs. ISS once more..."
- Reply: Chris Brown: "RE: Intrushield vs. ISS once more..."
- Reply: JM: "Re: Intrushield vs. ISS once more..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 06 Jan 2005 03:52:42 -0500 To: Chris Brown <chris@get-tuf.com>
Chris Brown wrote:
> Intrushield sends alerts to a central management server, Ethereal needs to
> be installed on this. Alerts are presented in a console and if you wish to
> drill down to view the captured packets Ethereal opens and is used to read
> the packets. During the install of the Intrushield manager software you
> simply tell Intrushield the location of Ethereal.exe on your system.
>
> So in answer to your Q, it is neither 1 or 2.
>
So you must have access to the central server in order to perform
effective analysis? Is there not the concept of multiple people
performing analysis?
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
- Previous message: Jason: "Re: newbie quetsions"
- Maybe in reply to: Chris Brown: "Re: Intrushield vs. ISS once more..."
- Next in thread: Chris Brown: "RE: Intrushield vs. ISS once more..."
- Reply: Chris Brown: "RE: Intrushield vs. ISS once more..."
- Reply: JM: "Re: Intrushield vs. ISS once more..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
