Snortcenter, Prelude-IDS

From: Sven Müller (smueller_at_magellan-net.de)
Date: 08/15/05

  • Next message: Cedric Foll: "Re: Snortcenter, Prelude-IDS"
    Date: Mon, 15 Aug 2005 10:43:56 +0200
    To: focus-ids@securityfocus.com
    
    

    Hello!

    I'm planing to set up a new IDS environment. Up to now I always used
    Snortcenter (http://users.pandora.be/larc/index.html) which worked quite
    well for me. But I think the development of this tool stopped because the last
    news entry on the web page is more the 2 years old. Does anyone have
    some information about that?

    However, I just visited the prelude homepage
    (http://www.prelude-ids.org/) and this framework sounds very intersting
    for me. Does anyone has some experinces with Prelude?
    I like Snort very much and Prelude can be connected with Snort, so I
    would have a centralized place for collecting and normalizing events.

    Do you have any experiences with Prelude?

    Mostly I prefer to use FreeBSD do you have any information about this
    combination?

    Thanks for you hints!

    Regards, Sven

    -- 
    ---------------------------------------------------------
    MAGELLAN Netzwerke GmbH
    Dipl.-Ing. (FH)
    Sven Müller
    Network Security Engineer
    Max-Reichpietsch-Straße 2
    51147 Köln
    Tel. :  +49-2203-92263-0
    Fax:    +49-2203-92263-99
    E-Mail: smueller@magellan-net.de
    Web:    http://www.magellan-net.de
    ---------------------------------------------------------
    ------------------------------------------------------------------------
    Test Your IDS
    Is your IDS deployed correctly?
    Find out quickly and easily by testing it 
    with real-world attacks from CORE IMPACT.
    Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
    to learn more.
    ------------------------------------------------------------------------
    

  • Next message: Cedric Foll: "Re: Snortcenter, Prelude-IDS"

    Relevant Pages

    • Re: New Azwalaro project, is a French Open Source Nids project
      ... Well, this is a pity, because working on Snort or Bro or Prelude would ... that contextual rules for protocols are already in Snort and in almost ... unless you disclose private keys to your IDS box. ...
      (Focus-IDS)
    • Re: exaProtect
      ... In our company we are using Prelude, ... hybrid opensource IDS, and I must say I am happy with it. ... After comparing several IDS, I choose Prelude because I got very ... We have looked at exaProtect, and it seems like a solid product which meets a majority of our requirements. ...
      (Focus-IDS)
    • [ANNOUNCE]: Prelude Hybrid IDS suite 0.9.0 released
      ... solution to your IDS needs. ... of the Prelude Framework, including the enhancement of the Prelude ... The PreludeIDS Technologies company, which develops the Prelude ...
      (Focus-IDS)
    • Re: snort tamandua or prelude ids
      ... > the prelude IDS, prelude ids seems very complicated and I still not sure ... Snort, tamandua or prelude? ... You can set up a prelude nids sensor on its own ...
      (Focus-IDS)
    • RE: Snortcenter, Prelude-IDS
      ... I too have started to steer away from Snortcenter for the same reasons as you. ... Unfortunately the bit about getting Snort to report to prelude is pending some input. ... I am following the instructions on the prelude site for configuring snort to log to prelude. ... From what I have read so far I think it is intended to have Nagios bolted on to SNMP monitor Agents and collect events from other remote nodes so I guess it is intended for Nagios to monitor IDS node health. ...
      (Focus-IDS)