From: Hairy One Kenobi (abuse_at_[127.0.0.1)
Date: Thu, 8 Jan 2004 00:58:28 -0000
"Dan" <email@example.com> wrote in message
> Is it worth paying $10,000 for source fire to make using SNORT easier?
> Does using source fire with SNORT make SNORT a middle weight IDS solution
> opposed to a lightweight?
> _Or_ is it worth the time and energy to write your own scripts and
IMHO. Let's say that again: "IMHO"
Any IDS tool (or something that acts as an IDS tool) is only useful if
someone can act on the results.
Not sure where $10k came from..? It's an interesting interface to LibPCap,
isn't it? Just like Ethereal? Are you looking at buying-in a monitoring
service, or deploying something yourself? Did I miss something about
Please point out where the shoe's going to drop.. ;o)