Re: Linux NIDS

From: Dr. S. A. Vetha Manickam (avmanickam@yahoo.com)
Date: 04/21/03

  • Next message: Rus Foster: "alsou.c.txt"
    Date: Mon, 21 Apr 2003 02:49:10 -0700 (PDT)
    From: "Dr. S. A. Vetha Manickam" <avmanickam@yahoo.com>
    To: "Patrick S. Harper" <lists@internetsecurityguru.com>, N30 <n30_lists@hotmail.com>
    
    

    Hi,

    Another option could be with Snort and Demarc. Even though Demarc is not free now,
    it can be bought in a marginally low price.
     

    --- "Patrick S. Harper" <lists@internetsecurityguru.com> wrote:
    > Snort with acid is a good solution for linux. I have a document that
    > does a step by step on installing it all on a redhat box.
    >
    > http://www.internetsecurityguru.com/documents/snort_acid_rh8.pdf
    >
    >
    >
    >
    > On Wed, 2003-04-16 at 06:58, N30 wrote:
    > > Guys,
    > >
    > > Any suggestions for Linux (RH) based NIDS.
    > >
    > > I have used BlackIce for Win and am looking for similar functionality.
    > >
    > > I know snort may be 1 of the answers...Any good front end for snort??? (I am
    > > new to Linux)
    > >
    > > Thank in advance!!
    > > -V
    > >
    > > ---------------------------------------------------------------------------
    > > Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
    > > world's premier event for IT and network security experts. The two-day
    > > Training features 6 hand-on courses on May 12-13 taught by professionals.
    > > The two-day Briefings on May 14-15 features 24 top speakers with no vendor
    > > sales pitches. Deadline for the best rates is April 25. Register today to
    > > ensure your place. http://www.securityfocus.com/BlackHat-security-basics
    > > ----------------------------------------------------------------------------
    > >
    > --
    > Patrick S. Harper | CISSP MCSE
    > patrick@internetsecurityguru.com
    > www.internetsecurityguru.com
    >
    > "If we aren't supposed to eat
    > animals, why are they made
    > of meat?"
    >
    >
    >
    > ---------------------------------------------------------------------------
    > Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
    > world's premier event for IT and network security experts. The two-day
    > Training features 6 hand-on courses on May 12-13 taught by professionals.
    > The two-day Briefings on May 14-15 features 24 top speakers with no vendor
    > sales pitches. Deadline for the best rates is April 25. Register today to
    > ensure your place. http://www.securityfocus.com/BlackHat-security-basics
    > ----------------------------------------------------------------------------
    >

    =====

    __________________________________________________
    Do you Yahoo!?
    The New Yahoo! Search - Faster. Easier. Bingo
    http://search.yahoo.com

    ---------------------------------------------------------------------------
    Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
    world's premier event for IT and network security experts. The two-day
    Training features 6 hand-on courses on May 12-13 taught by professionals.
    The two-day Briefings on May 14-15 features 24 top speakers with no vendor
    sales pitches. Deadline for the best rates is April 25. Register today to
    ensure your place. http://www.securityfocus.com/BlackHat-security-basics
    ----------------------------------------------------------------------------


  • Next message: Rus Foster: "alsou.c.txt"

    Relevant Pages

    • Re: lots of port 0 scannings
      ... You don't say how these alerts were generated, but it looks like Snort, ... Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the ... Training features 6 hand-on courses on May 12-13 taught by professionals. ...
      (Incidents)
    • RE: Linux NIDS
      ... > Another option could be with Snort and Demarc. ... Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the ... Training features 6 hand-on courses on May 12-13 taught by professionals. ...
      (Security-Basics)
    • GUIs for Win32 Snort?
      ... I'm looking for comments on GUI's for the Win32 port of Snort. ... I noticed the Demarc folder on the Snort website is empty. ... prospectus based upon the core principle concepts of security. ...
      (Security-Basics)
    • RE: Any comments on using SNORT
      ... I've had very good luck running Snort in my Win2k Office environment. ... Demarc is a web based front end for the ... Very nice and very clean for reporting. ...
      (Security-Basics)
    • Snort + RedHat v7.2 - Back to Basics
      ... After struggling over the weekend trying to get Demarc + Snort + MySQL ... my ISP on eth1 to a class-C LAN on eth0. ...
      (comp.os.linux.security)