Snortgoing commercial

From: Chris Brown (chris_at_get-tuf.com)
Date: 03/16/05

  • Next message: Chris Harrington: "RE: How to choose an IDS/FW MSS provider"
    Date: Wed, 16 Mar 2005 08:34:06 -0000 (GMT)
    To: focus-ids@securityfocus.com
    
    

    I am suprised that there has been very little comment on the changes over
    at www.snort.org , I would have thought that $195 a month for Snort
    signatures would have made a few peoples blood boil!

    Tuffer

    --------------------------------------------------------------------------
    Test Your IDS

    Is your IDS deployed correctly?
    Find out quickly and easily by testing it with real-world attacks from
    CORE IMPACT.
    Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
    to learn more.
    --------------------------------------------------------------------------


  • Next message: Chris Harrington: "RE: How to choose an IDS/FW MSS provider"

    Relevant Pages

    • Re: IPS & IPv6
      ... Yes snort is so is Sourcefire which is the commercial version of snort. ... Chief Strategy Officer ... with real-world attacks from CORE IMPACT. ...
      (Focus-IDS)
    • Re: use of bloom filters in commercial iDS/IPS architectures
      ... seemed pretty cool (and they used Snort as their test bed). ... using hash based techniques such as bloom filters/rabin finger prints ... Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. ...
      (Focus-IDS)
    • Re: newbie quetsions
      ... Although, keep in mind, Snort completely fails the CRI test, and does ... Do I need IDS? ... >CORE IMPACT. ... >Find out quickly and easily by testing it with real-world attacks from ...
      (Focus-IDS)
    • Re: Snort inline and iptables
      ... 1- can i use snort inline+iptables in router mode under linux? ... Subject: Snort inline and iptables ... > with real-world attacks from CORE IMPACT. ...
      (Focus-IDS)
    • Re: SNORT Testing
      ... Stick and Snot do *not* test Snort, they haven't tested Snort in any meaningful way for years, and they only "tested" Snort in their original form for a few months in 2001 while I made things more stateful. ... If you really want to test Snort for performance you should probably start thinking about investing a few hundred $k in some gear from Spirent or maybe Ixia for load generation and then get metasploit for attack generation. ... Without the load generation gear all you can do is functional testing of Snort and for that you should probably be looking at metasploit/ fragrouter/scapy/etc for that sort of thing. ... Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. ...
      (Focus-IDS)