About IDS toolsFrom: Renee Teunissen (thuis) (email@example.com)
- Previous message: McHugh, Sean: "RE: Code Red Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <007f01c119fd$1b9d04a0$5908a8c0@ratnoot> From: "Renee Teunissen (thuis)" <firstname.lastname@example.org> To: <SECURITY-BASICS@securityfocus.com> Subject: About IDS tools Date: Tue, 31 Jul 2001 22:12:20 +0200
Currently I am investigating a propper way to implent an IDS in large
corporate network on about 20 locations with one central server location.
We have two different issues / projects.
1: to provide a service to detect internal intrusion attempts (to detect
"inside" hacks and network resource misuse). We have a lot of internal LANs
(eg, production, development, testing, etc) and wish to monitor the traffic
between those networks.
2: to provide a service to detect external intrusion attempts, packets that
go by a firewall, etc, etc. made by people using the extra-nets of
intra-nets (Cablemodem / DSL connected home workers, etc)
Are there reports of such implementations and what kind of products can
handle switched networks with 50K+ PC's and 3K+ servers/unixboxes across a
large corporate WAN. And are there know implemantation strategies? Please
give me your thoughts about this..
> We use postfix.
> Very simple to admin, very simple configuration.
> Very secure (the author himself is a recongnized security expert). I have
> placed one postfix server facing the internet (for 3 years already)
> a firewall. It hasn't been down ever (hey, I am not challenging you guys.
> have placed it there in case our fw gets hosed. Currently it does bulk
> mailing ;-)
> Very fast, so fast that I have to slow it down (so to speak) since our
> hardware was not catching up ;-)
> Very clean and open code (if you know C, you'll appreciate it ;-)
> HTH. note, this is just my comment on postfix.
> -----Original Message-----
> From: Uros Gruber [mailto:email@example.com]
> Sent: Wednesday, July 25, 2001 6:47 AM
> To: SECURITY-BASICS@securityfocus.com
> Subject: Qmail vs. postfix
> can anybody tell me what to use. I want to have secure mail
> Qmail or postfix.
> Uros mailto:firstname.lastname@example.org