Re: IDS for Pix Firewall

From: Andrew Plato (aplato@anitian.com)
Date: 02/10/02

Previous message: Sebastian Westermayer: "Re: File-Share Program Scanner?"
Maybe in reply to: Mathieu Patenaude: "IDS for Pix Firewall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 10 Feb 2002 07:02:32 -0000
From: Andrew Plato <aplato@anitian.com>
To: security-basics@securityfocus.com

('binary' encoding is not supported, stored as-is)

In-Reply-To: <20020207114618.25570.qmail@mail.securityfocus.com>

Snort (Sourcefire), Dragon IDS, Network Flight
Recorder, BlackICE Sentry, Cisco IDS - take your
pix :-)

Snort is definately the cheapest, but it will take you
longer to setup and get alerts.

Personally - Snort and BlackICE are probably the
best performance-wise. But I am biased because this
is what I use. I've been testing Dragon lately...seems
good.

Andrew Plato
President / Principal Consultant
Anitian Corporation
www.anitian.com

Previous message: Sebastian Westermayer: "Re: File-Share Program Scanner?"
Maybe in reply to: Mathieu Patenaude: "IDS for Pix Firewall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: PIX Firewall auditing suggestions please!
... Alrighty, I've enabled logging on my PIX firewall, and I have a SysLog ... service running and getting messages (around 8000 and hour at last ... no problems below the application level layer. ... > For the last point an IDS like snort is defintely the better tool: ...
(comp.security.firewalls)
Re: Cisco PIX 501 vs Sun Ultrasparc for VPN connections?
... use the pix for your first line of defense.. ... then toss up a 'nix box ... for snort and ids stuff ...
(comp.security.firewalls)