what do IDS analysts work on?
From: sponge (yosponge_at_yahoo.com)
Date: 10/27/03
Date: 26 Oct 2003 19:27:16 -0800
On Mon, 27 Oct 2003 01:17:13 GMT, Rowdy Yates
<rowdy.yates@no-spam-please.com> wrote:
>Hi ng. This may sound like a really dumbass question, so forgive the
>ignorance. I am new to this.
>
>
>I am reading Stephen Northcutt's book "Network Intrusion Detection" - find
>the subject very interesting but am wondering. He talks about n-code and
>creating signature filters etc.
>
>Are IDS analysts/firewall experts working mostly on Unix OS? Or are there
>ones that work on Windows as well?
>
>ry,
My experience is that more is being done on Linux since you are
considering firewalls as well as IDS/IPS, but that is changing. The
trend in product for both is toward custom ASIC boxes for NIDS and
network firewalls; many PCs and other off-the-shelf hardware have some
serious limitations in high-saturation systems. However, there has
also been an increase in host-based IDS and IPS in the last year or
two for both Linux and especially Windows products.
If you're completely new to IDS, I suggest trying PC-based Snort. You
can have it in Linux or Windows flavors. It has some pretty severe
limitations -- which is why it's free versus upwards of a million
bucks for some IDS' -- but is good for learning or if you are on a
budget.
Sponge
Sponge's Secure Solutions
www.geocities.com/yosponge
My new email: yosponge2 att yahoo dott com