RE: IDS
From: Trevor Cushen (trevor.cushen@sysnet.ie)Date: 03/12/02
- Previous message: Bejon Parsinia: "RE: Any comments on using SNORT"
- Maybe in reply to: Gerard Fremaint: "IDS"
- Next in thread: Bejon Parsinia: "RE: IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Trevor Cushen" <trevor.cushen@sysnet.ie> To: "'Gerard Fremaint'" <frank@prtc.net> Date: Tue, 12 Mar 2002 10:52:44 -0000
Intrusion Detection System
It is used to monitor traffic or activity on a network or host for signs
of intrusion etc. You will not get very far in your investigation
without hearing about Snort for both Unix and NT, simply because it is
excellent. Demarc will also grace your screen in many a google search
before too long.
Quick pointers for further investigation,
Network based tools used for IDS:
Snort
Demarc
------- also note
Tcpdump
Etherpeek
Ethereal
IPWatcher
Host based IDS tools:
Tripwire
regmon
MD5 tools
stuck to think of more at the moment sorry.
Good luck.
Trevor
-----Original Message-----
From: Gerard Fremaint [mailto:frank@prtc.net]
Sent: 10 March 2002 03:26
To: security-basics@securityfocus.com
Subject: IDS
what is an IDS ?
******************************************************************************
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this message in error please notify SYSNET Ltd., at
telephone no: +353-1-2983000 or postmaster@sysnet.ie
******************************************************************************
- Previous message: Bejon Parsinia: "RE: Any comments on using SNORT"
- Maybe in reply to: Gerard Fremaint: "IDS"
- Next in thread: Bejon Parsinia: "RE: IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
