Security Basics mailing list archives
Re: MS Admin frendily *nix distrobution / Re: to the RE:s Windows IDS
From: Gene Cronk <gcronk () trsg net>
Date: Wed, 12 Nov 2003 10:48:08 -0500
My first suggestion here would be: see if there's a Linux User's Group in your area. If there is, sign up on their mailing list and go to a meeting or two. You can learn a lot by actually interacting with people who use Linux.

Second suggestion: I would personally go with SuSE as a beginner distro.

As far as documentation, check out:

The Linux Documentation Project:
http://www.tldp.org/

Webmonkey's UNIX Guide:
http://hotwired.lycos.com/webmonkey/reference/unix_guide/

Webmonkey's "Enough UNIX for Your Resume":
http://hotwired.lycos.com/webmonkey/97/02/index3a.html?tw=backend

Hope this helps.

--
Gene Cronk MCP,iNet+,Network+ (gcronk () trsg net)
The Robin Shepherd Group -- Systems Administrator
Office (904)-359-0981 Ext. 36
Cell (386)-795-3081

me null wrote:
| Well I must say I am very happy with the amount of replies I received on
| this thread. sry bout the delay in my response, all of your input was
| very nice and sry bout not looking as well as I should have on snort.org
|
| As far as *nix goes, I have been planning on getting a distro and
| learning *nix; I've just been very busy lately. I was over on TechNet the
| other day and noticed they smartly made the conversion from *nix > M$
| a lot easier via their doc on x-fering *nix knowledge to M$. I haven't read
| it but I did have 2 questions...
|
| 1 which distribution makes the easiest transition from MS > *nix?
| 2 is there a doc the opposite of the 1 MS made? I suppose I could reverse
| engineer it but I'd rather not have to
|
| you can turn off / close all of the ports in MS, at least in 2k3 (I haven't
| tried it in 2k), yes even 135tcp. I don't mean block but close the ports.
| (tho u can block access to them 3 times over as well) what I lack in *nix
| knowledge I make up for in MS
|
| - thx again - me
|
|> From: Jimi Thompson <jimit () myrealbox com>
|> To: "me null" <me_null () hotmail com>,security-basics () securityfocus com
|> Subject: Re: Windows IDS
|> Date: Thu, 6 Nov 2003 22:55:24 -0600
|>
|> All of the best tools are going to be linux or unix based since
|> they've likely been around longer. Personally, I consider my IDS box
|> to be a bastion host and I try to lock it down as best I can. That's
|> very difficult to do with Windows unless you want a very broken
|> machine. It's much easier to do with Linux or Unix. Frankly, of all
|> the IDS's I've seen, commercial and open source, SNORT rates among the
|> highest. I've worked for larger employers who insisted on testing
|> other products, many that ran well into 6 figures, but most all of
|> them ended up using SNORT. They may have bought the other stuff, but
|> SNORT definitely has its place. Combined with per host firewalls,
|> Tripwire, good perimeter security and Nessus to scan and check on
|> everything, you should be in very good shape. I'd also suggest
|> that you scavenge something you can load RedHat, Mandrake, or SuSE on
|> and start getting comfortable with Linux.
|>
|> 2 cents,
|>
|> Jimi
|>
|> At 2:31 PM -0500 11/6/03, me null wrote:
|>
|>> Hello everyone, I've seen a lot of people recommending snort as an IDS
|>> but the only problem w/ that is I'm running Windows. As far as the
|>> environment the IDS would be in... there's not a lot of PCs in it, it's a
|>> private network. The top few things I want are in this order
|>>
|>> 1 - Security of course, how good the IDS actually is
|>> 2 - Interface, something that will not be a pain in the arse to have
|>> to deal with
|>> 3 - Price, null = best
|>> 4 - Functionality, basic features that make life easier, i.e. having
|>> logs sent to a remote PC, etc. etc.
|>>
|>> TY
|>>
|>> BTW about "opensource" things, are the only opensource apps / tools
|>> just for non MS platforms? if I made an IDS for Windows I would have
|>> it be open source
Current thread:
- MS Admin frendily *nix distrobution / Re: to the RE:s Windows IDS me null (Nov 11)
- Re: MS Admin frendily *nix distrobution / Re: to the RE:s Windows IDS Gene Cronk (Nov 13)