Re: IDS

From: defiance (seclists_at_stratitec.com)
Date: 05/25/04

    To: Endre Szekely-Bencedi <Endre.Szekely-Bencedi@hu-tcs.com>
    Date: Tue, 25 May 2004 16:41:59 -0500
    
    

    I really like using sentinix http://sentinix.org
    It has snort, acid, and snortcenter all set up and ready to go. It is
    great for snort newbies as all you have to do is go in and start
    tweaking settings. It is a distro based on slackware, and in addition to
    the IDS stuff you can also install nagios, nagat, cacti, and postfix
    with spamassassin.

    It may be a little much for what you are doing, or it could be just what
    you need. But you should definitely check it out.

    defiance
    http://stageofbattle.org

    On Mon, 2004-05-24 at 05:17, Endre Szekely-Bencedi wrote:
    > Hi List,
    >
    > I'd like to ask you to recommend some IDS I could test. Our company is
    > about 100-120 PCs large at the
    > moment, that could increase to up to 400 in the near future. I am
    > currently trying eTrust IDS v1.5 but it reports
    > many false alarms, also it just reports the half of the traffic as 'other
    > protocols' so I really can't get much useful
    > information from that.
    > Is Snort's software any good? It is free, and that's just nice. I was
    > thinking to try it one of these days when I'll
    > have a bit of spare time. Should I bother with the Windows version or I
    > should just put it on a Unix machine?
    >
    > Any other tips, software that can do traffic logging/analysis/intrusion
    > detection?
    >
    > Thanks.
    >
    > PS: Please, CC me the answers as I don't have much time to read mails
    > usually so I might delete it along with
    > the many other mailing list mails if I'm hurrying.
    >
    > Greetings,
    > Endre Szekely-Bencedi
    > _____________________________________
    > Tata Consultancy Services
    > H-1054 Budapest, Kalman Imre u. 1.
    > Tel.: +36 1 4751214
    > FAX: +36 1 475 1111
    > Email: Endre.Szekely-Bencedi@hu-tcs.com
    > _____________________________________
