Re: snort
From: Hairy One Kenobi (abuse_at_[127.0.0.1)
Date: 01/08/04
- Next message: Rowdy Yates: "Re: sick of Linux bias"
- Previous message: Gordon Findlay: "Re: How secure am I behind a NAT router?"
- In reply to: Dan: "snort"
- Next in thread: Alexander Delarge: "Re: snort"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 8 Jan 2004 00:58:28 -0000
"Dan" <bitsandbytes88@hotmail.com> wrote in message
news:Zb-dnVqkX42Kh2GiRVn-jQ@speakeasy.net...
> Is it worth paying $10,000 for source fire to make using SNORT easier?
> Does using source fire with SNORT make SNORT a middle weight IDS solution
as
> opposed to a lightweight?
>
> http://www.insecure.org/tools2000.html
>
> _Or_ is it worth the time and energy to write your own scripts and
updates.
IMHO. Let's say that again: "IMHO"
Any IDS tool (or something that acts as an IDS tool) is only useful if
someone can act on the results.
Not sure where $10k came from..? It's an interesting interface to LibPCap,
isn't it? Just like Ethereal? Are you looking at buying-in a monitoring
service, or deploying something yourself? Did I miss something about
Commercial licensing?
Please point out where the shoe's going to drop.. ;o)
H1K
- Next message: Rowdy Yates: "Re: sick of Linux bias"
- Previous message: Gordon Findlay: "Re: How secure am I behind a NAT router?"
- In reply to: Dan: "snort"
- Next in thread: Alexander Delarge: "Re: snort"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
