Re: OSSIM as IDS

From: Tremaine Lea <tremaine@xxxxxxxxx>
Date: Wed, 21 May 2008 13:49:17 -0600

Unfortunately, that's true of most IDS worth the name. Whether one is looking at Tipping Point, Sourcefire or another commercial offering, you're looking at a pretty good investment of time.

---
Tremaine Lea
Network Security Consultant
Intrepid ACL
"Paranoia for hire"

On 21-May-08, at 10:21 AM, dkny@xxxxxxxx wrote:

Good, but a lot of work to get it in place.
David

Quoting online_preeti@xxxxxxxxx:

Dear All,

Is that anyone has worked on OSSIM as an open source for intrusion detection?

Regards
Preeti

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing itwith real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfwto learn more.
------------------------------------------------------------------------

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
------------------------------------------------------------------------

Follow-Ups:
- Re: OSSIM as IDS
  - From: dogten

References:
- OSSIM as IDS
  - From: online_preeti
- Re: OSSIM as IDS
  - From: dkny

Prev by Date: Re: HTTP LOG files Labeling
Next by Date: Re: HTTP LOG files Labeling
Previous by thread: Re: OSSIM as IDS
Next by thread: Re: OSSIM as IDS
Index(es):
- Date
- Thread

Relevant Pages

Re: Snort console recommendation
... but Sourcefire ... makes commercial appliance-based IDS infrastructure with a centralized ... management appliance as well, complete with a web-based management and ... The Lightning Console aggregates IDS events, ...
(Focus-IDS)
Re: RE: IDS testing tools
... Nessus is a bad choice to test IDS as it is a vulnerability scanner. ... >Find out quickly and easily by testing it with real-world attacks from CORE ... >with real-world attacks from CORE IMPACT. ...
(Focus-IDS)
IDS is dead, etc
... is there any way to make the quality of data coming out of the IDS ... networks independent of the network management picture or the other ... Deploying security infrastructure without ... Martin Roesch - Founder/CTO, Sourcefire Inc. - 290-1616 ...
(Focus-IDS)
Re: Host Based IDS
... Assunto: RE: Host Based IDS ... Anitian Enterprise Security ... with real-world attacks from CORE IMPACT. ...
(Focus-IDS)
RE: IDS
... Subject: IDS ... Safe Access that does pretty much what you describe. ... Find out quickly and easily by testing it with real-world attacks from ... with real-world attacks from CORE IMPACT. ...
(Focus-IDS)