Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: IDS ISS

from [Joel Esler] Network Security [Permanent Link]
Subject: Re: IDS ISS
Date: Fri, 20 May 2005 07:58:24 -0400
I concur. I would always go with Snort over ISS anyday. I've tested and ran both at the same time on the same network, and Snort not only out performs, but it would be much easier to look at the data and configure the IDS. (Or IPS.. Look into Snort-inline)

Joel Esler

On May 19, 2005, at 8:11 PM, THolman@toplayer.com wrote:

Hi Anatole,

What was wrong with Snort?
There are plenty of implementations possible and it is highly tunable, plus
you get to see the signatures.
If it's performance you're worried about, consider running on a platform
such as SourceFire.
Is it purely a detection-based solution you're looking for, or do you have
the means to prevent intrusions inline already?

Regards,

Tim

-----Original Message-----
From: Berteau Anatole [mailto:anatole.berteau@turbomeca.fr]
Sent: 17 May 2005 17:03
To: focus-ids@securityfocus.com
Subject: IDS ISS



Hello,

I'm testing IDS solution. After Snort, i'm beginning to work with ISS.

What's the minimum architecture to use ISS? Is it possible to use only a
network sensor? If this solution is available, what's the solution to
consult alerts?

Thanks

Anatole

----------------------------------------------------------------------- ---
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
----------------------------------------------------------------------- ---

----------------------------------------------------------------------- ---
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
----------------------------------------------------------------------- ---



--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IDS\IPS that can handle one Gig, Konstantin V. Gavrilenko
Next by Date:  Re: Vulnerability vs. Exploit signatures and IPS??, Iván Arce
Previous by Thread:  RE: IDS ISS, THolman
Next by Thread:  RE: IDS ISS, PPowenski
Indexes:  [Date] [Thread] [Top] [All Lists]