Re: Distributed intrusion detection systems



I'm new to the list, so I missed some of the answers; maybe someone has already said this:
You can use Snort + Sguil:
http://sguil.sourceforge.net/
Very good combination.


Andy Cuff wrote:
Hi,
Most of the commercial IDS will operate in this manner http://www.securitywizardry.com/N_ids.htm

Unless you want to analyse information from different vendors, for which a
Security Information Manager may offer you the capability
http://www.securitywizardry.com/consoles.htm

Finally Netflow collectors are here
http://www.securitywizardry.com/protNetFlowC.htm
And netflow analysers here http://www.securitywizardry.com/protnetflowA.htm

Hope this helps

Andy Cuff
Managing Director / CEO
Computer Network Defence Ltd
www.SecurityWizardry.com
Tel 0870 321 9014
Mob 0701 070 9014
International +44 1225 811777

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of alakhno@xxxxxxxxx
Sent: 08 February 2007 18:04
To: focus-ids@xxxxxxxxxxxxxxxxx
Subject: Distributed intrusion detection systems

Hello!
I'm looking for examples of distributed intrusion detection systems. Here I mean intrusion detection systems that collect network data from multiple agents and analyze it using one expert system.

I'm especially interested in concrete examples of successful intrusion detections that highlight the benefits of a distributed IDS in comparison with multiple usual intrusion detection systems installed.

Besides, I'm looking for articles on distributed intrusion detection systems. Detection of traffic flow correlations, network graph models, graph metrics and network flow statistics are particularly interesting as used here.

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
------------------------------------------------------------------------





