Network Security: Detailed info on RE: [Snort-users] ACID/BASE vs PRELUDE

Subject:	RE: [Snort-users] ACID/BASE vs PRELUDE
Date:	Mon, 19 Sep 2005 12:07:18 -0500

You may want to check out Aanval's IDS console, both limited version and
commercial licensed version.  Very powerful!



-----Original Message-----
From: snort-users-admin@lists.sourceforge.net
[mailto:snort-users-admin@lists.sourceforge.net] On Behalf Of Gene R
Gomez
Sent: Monday, September 19, 2005 12:13 PM
To: snort-users@lists.sourceforge.net; ddodge@gmail.com
Subject: Re: [Snort-users] ACID/BASE vs PRELUDE

Heya,

Disclaimer: member of Prelude Hybrid IDS development team.
Prelude as a Snort management console depends a little bit on what you 
mean as a management console.  In terms of viewing alerts, it does a 
great job of providing a consolidated interface for security events 
across all of your platforms and devices.
If, however, you mean as a method for actual management (changing 
configuration, stopping and restarting services, managing rules, etc), 
Prelude probably won't give you what you're looking for (yet!).
Basic support for sensor management is present in Prelude 0.9 (which 
goes stable within the next few days), but the interfaces aren't written

yet.
At any rate, Prelude's greatest strength is in presenting your Snort 
alerts alongside your host-based alerts, your firewall alerts, and all 
manner of other things.  BASE appears to be more of an analytical engine

for Snort alone.

Gene R Gomez

On Aug 26, 2005, at 10:38 AM, ddodge wrote:

 All,

 Has anyone done a good comparision between BASE
 (http://secureideas.sourceforge.net/) and Prelude
 (http://www.prelude-ids.org/) as a managment console for Snort ?



-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server.
Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list

<Prev in Thread]	Current Thread	[Next in Thread>
[Snort-users] ACID/BASE vs PRELUDE, ddodge Re: [Snort-users] ACID/BASE vs PRELUDE, Joel Esler [Snort-users] Re: ACID/BASE vs PRELUDE, Kris Karas Re: [Snort-users] Re: ACID/BASE vs PRELUDE, Gene R Gomez [Snort-users] Re: ACID/BASE vs PRELUDE, Kris Karas Re: [Snort-users] ACID/BASE vs PRELUDE, Gene R Gomez RE: [Snort-users] ACID/BASE vs PRELUDE, Ron Jenkins <=

Previous by Date:	Re: [Snort-users] (snort_decoder) WARNING: IP dgm len < IP Hdr len!, snort user
Next by Date:	Re: [Snort-users] Problem with barnyard 0.2.0 and snort 2.4.0, Paul Schmehl
Previous by Thread:	Re: [Snort-users] ACID/BASE vs PRELUDE, Gene R Gomez
Next by Thread:	[Snort-users] Wrong setup?, tmp
Indexes:	[Date] [Thread] [Top] [All Lists]