Re: Open Source IDS Solution?

From: Olaf Gellert (og_at_pre-secure.de)
Date: 08/26/05

  • Next message: snort user: "Re: Open Source IDS Solution?" 
    Date: Fri, 26 Aug 2005 11:13:49 +0200
To: Persio Pucci <ppucci@multirede.com.br>

    Persio Pucci wrote:
    > Hello folks,
    >
    > I am working on a study to deploy some IDS over my company's network,
    > and I would like to know what GOOD and RELIABLE Open Source IDS are out
    > there. I could not find a comparative *** of any kind (or at least,
    > not a recent one) so I am asking you guys if you have any good ideas. I
    > already know Snort. What are the other ones?
    >
    > Thank you for your help!

    There are many little tools that can be used as
    IDS-sensors (Snort as network sensor, LibSafe as
    a very specialized host based sensor, ...).
    You may have a look at prelude (http://www.prelude-ids.org/)
    for a complete framework of sensors logging into
    a central manager. We do have some years of experience
    with this and it works pretty reliable. Snort is
    now the default network sensor of prelude. I know
    there are other frameworks related to Snort only,
    you may have a look at the Snort website.

    Cheers, Olaf 

    -- 
Dipl.Inform. Olaf Gellert                  PRESECURE (R)
Senior Researcher,                       Consulting GmbH
Phone: (+49) 0700 / PRESECURE           og@pre-secure.de
                        A daily view on Internet Attacks
                        https://www.ecsirt.net/sensornet
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
  • Next message: snort user: "Re: Open Source IDS Solution?"
    • Quantcast