Re: OSSIM Fedback

I am working it now! And I have a 0.9.9 in internet!
But most of my docs is chinese.
The new version looks like better than old,if you want to try you can email me!

----- Original Message -----
From: Koolk3 <koolk3@xxxxxxxxx>
To: security-basics@xxxxxxxxxxxxxxxxx, focus-ids@xxxxxxxxxxxxxxxxx, pen-test@xxxxxxxxxxxxxxxxx
Subject: OSSIM Fedback
Date: Mon, 12 Jun 2006 10:50:54 -0400


Hello everyone,

I have been following these lists for some time now and have seen some
messages on OSSIM (www.ossim.net) [Open Source Security Information
Management]. It seems like a great product but lacks documentation and
reviews on the Internet.

I am looking for some feedback on the usefulness and practicaility
(interms or maintenance and configuration) of this software. I am
mainly interested in OSSIM as a corelation tool / log analysis for
now. But if it works well as an IDS I would like to propose this as an
alternative to commercial IDS to the management.

Has anyone tried the latest version of the product (0.9.9)? Any
feedback on installation and usability would be great.

I would be very much interested in hearing your success or horror
stories with this.

I have searched the web for 3rd party reviews on this. Haven't found
much. So if you know of any please let me know.

Thanks.

KoolK3

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks
from CORE IMPACT.
Go to
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------




--
_______________________________________________
Surf the Web in a faster, safer and easier way:
Download Opera 8 at http://www.opera.com

Powered by Outblaze

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------

Relevant Pages

  • Re: Theory Question
    ... Your IDS is listening to the unprotected link to ... His code could attach an IP stack to the external interface ... but it cannot be used to make further attacks. ... and back out onto the Internet. ...
    (FreeBSD-Security)
  • RE: Hub vs. Tap vs. SpanPort
    ... JV> is the hub method the only one to send RST packets? ... The paper is targetted at ISS RealSecure as the IDS s/w but the ... It's expensive on TAPs but a neat way to handle the issue. ... IDS is connected to the internet side of the firewall. ...
    (Focus-IDS)
  • Re: Why does XP establish HTTP connection when browsing network shares?
    ... these requests have ANY need to access the internet. ... These components load ... > on servers not running HTTP daemons. ... > and receiving back a canned warning from my IDS. ...
    (Focus-Microsoft)
  • RE: IDS White Papers/Documents
    ... Subject: IDS White Papers/Documents ... IDS should be placed in all three + servers/host agents. ... Behind firewall to detect internal attempts and successful external attacks ... Never pay another Internet phone bill! ...
    (Security-Basics)
  • Re: IDS Evaluation
    ... vulnerability scanning). ... We actually include a limited license copy of Core Impact with our ... Evaluation boxes that we ship so people can easily evaluate our IPS ... >> about the accuracy of the ids. ...
    (Focus-IDS)
Quantcast