Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Open Source IDS Solution?

from [phani shastry] Network Security [Permanent Link]
Subject: Re: Open Source IDS Solution?
Date: Thu, 8 Sep 2005 16:38:56 +0530 
Hai I am Phani
I hardly believe in the open source IDS as a possible solution to the
existing problems.But I am sure it would help a long way.I am not sure
the way an open source IDS can help the existing problems .For example
, the biggest problem is updating the signature base for IDS. I donot
see any way an open source IDS can help to improve our current
engineering expertise of IDS. Ullike the Operating systems and ther
software whose funcionality of clearly defined IDS is a not clear at
the conceptual level itself. I would be happy if any body can offer
suggestions in this respect.


On 9/4/05, Steve Barron <thurgoodj187@hotmail.com> wrote:

Hi

Snort is a good, especially for the flexability and good user community.  
Also the packet inspection via BASE is pretty easy, better than Cisco IDS 
and some netscreen products I've used.  If you are looking for a open source

app for security information management, check out ossim.

http://www.ossim.net/

I use snort, Cisco IDS, netscreen, and ISS and personally like snort better

than all of the above.

If you are looking for a good corellation tool and can get some budget 
approved for it, I would check out CS MARS.
http://www.cisco.com/en/US/products/ps6241/index.html

Good luck


-----Original Message-----
From: McKinley, Jackson [mailto:Jackson.McKinley@team.telstra.com]
Sent: Thursday, August 25, 2005 10:48 PM
To: focus-ids@securityfocus.com
Subject: RE: Open Source IDS Solution?

Personally I think snort is the best sensor ive seen, add that with the 
speed that.  The difference I think is what you do with your alerts 
(Correlation technology).

There are a number of "Open source" correlation engines out there.  One that

ive always liked was Open Aanval by remote assesment.  They have started to

sell it how but from memory there is still an open source / free limited 
version version.  Its called Aaanval or something..
www.aanval.com


-----Original Message-----
From: Persio Pucci [mailto:ppucci@multirede.com.br]
Sent: Friday, 26 August 2005 3:58 AM
To: focus-ids@securityfocus.com
Subject: Open Source IDS Solution?

Hello folks,

I am working on a study to deploy some IDS over my company's network, and I

would like to know what GOOD and RELIABLE Open Source IDS are out there. I 
could not find a comparative sheet of any kind (or at least, not a recent 
one) so I am asking you guys if you have any good ideas. I already know 
Snort. What are the other ones?

Thank you for your help!

- Persio

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE

IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE

IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------



------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------





-- 
phaniisc

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IPS comparison, Sanjay Rawat
Next by Date:  RE: Cisco IDS - RDEP client - Export data?, Jeff Dell
Previous by Thread:  RE: Open Source IDS Solution?, Steve Barron
Next by Thread:  IDS Logwatch test, Dean Maunder
Indexes:  [Date] [Thread] [Top] [All Lists]