Security Basics mailing list archives
Re: Puresecure IDS documentation
From: -SIMON- <simon () snosoft com>
Date: Tue, 26 Aug 2003 15:52:07 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Well,Its been a while since I've used it but one thing that I noticed the last time (not sure if this holds water any more) is that you need to delete events often. If you are on an ISP grade network standard NIDS generate amazingly large amounts of false positives... which can be circumvented with paitence...
So, my advice, dmarc will become slow if there are too many alerts... delete often... is this still true? I sure hope I am full of it...
N30 wrote:
Hi All, I have installed puresecure IDS from Demarc. It is snort based. But I cannot find a good document to configure it. It seems to have lot of options. The home site is not a great help. Any pointers/feedback/links appreciated.... Thanks in advance -n --------------------------------------------------------------------------- ----------------------------------------------------------------------------
- --
- -simon- http://www.snosoft.com Tibetan "Book of the Dead," ca. 4000 BC. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/S7pnf3Elv1PhzXgRApp7AJ9DwI5X5JGdFU1MTeQVrz8UAIC/lgCfS7XX dKSXKIE4p3/81qCqXIb5Rqg= =hIrY -----END PGP SIGNATURE----- ---------------------------------------------------------------------------Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------
Current thread:
- Personal Firewall Recommendations Kryptos (Aug 15)
- Re: Personal Firewall Recommendations Sven Pfeifer (Aug 16)
- Re: Personal Firewall Recommendations Chris (Aug 18)
- RE: Personal Firewall Recommendations Stuart (Aug 16)
- Puresecure IDS documentation N30 (Aug 18)
- Re: Puresecure IDS documentation -SIMON- (Aug 27)
- Puresecure IDS documentation N30 (Aug 18)
- Re: Personal Firewall Recommendations Ansgar Wiechers (Aug 16)
- Re: Personal Firewall Recommendations Kryptos (Aug 18)
- Re: Personal Firewall Recommendations Birl (Aug 26)
- <Possible follow-ups>
- Re: Personal Firewall Recommendations Dan Duplito (Aug 16)
- Re: Personal Firewall Recommendations Tomas Wolf (Aug 16)
- RE: Personal Firewall Recommendations LordInfidel (Aug 16)
- RE: Personal Firewall Recommendations McGill, Lachlan (Aug 18)
- Re: Personal Firewall Recommendations Alaa Shaheen (Aug 18)
- Re: Personal Firewall Recommendations security (Aug 18)
- Re: Personal Firewall Recommendations Nigel Hedges (Aug 19)
- Re: Personal Firewall Recommendations security (Aug 18)
(Thread continues...)
- Re: Personal Firewall Recommendations Sven Pfeifer (Aug 16)