Security Basics mailing list archives
Re: Best IDS ?
From: Dean Davis <dean.davis () mbg-inc com>
Date: Thu, 08 Dec 2005 11:47:29 -0500
I concur! Management overhead isn't that high with Snort. Additionally, you will learn a great deal more about the way networks move data at all levels of the OSI model, and how to debug and author rule-sets to suit your environment. In my experience, even Cisco's 4200 series require significant knowledge and administration skills to suit a given environment, and still lacks many of Snort's features. I had the Cisco guys here at my shop sometime earlier this year, and they both couldn't argue with me when I told them that Snort is our corporate standard. Also, take a look at sourcefire.com, the commercial arm that develops snort-based solutions that require less overhead. Snort is hands-down, the best! Regards, On Wed, 2005-12-07 at 18:53 -0500, Breno Colom wrote:
On Wed, 2005-12-07 at 02:34 -0800, Juan B wrote:where can I find a comperison article related to IDS's?Straight out from Snort.org's news section: "Microsoft Certified Professional Magazine published an article on Intrusion Detection. While this may not be the most scientific test available, these guys do a decent job discussing IDSs to an audience who are not security experts. The authors tested Dragon, RealSecure, NetProwler, and of course Snort. Not suprising that Snort won their hearts." http://www.mcpmag.com/Features/article.asp?EditorialsID=294 Nice article, though kinda dated as it was written in August 2002. -- Breno Colom breno () breno org http://www.breno.org breno () aureal com pe http://www.aureal.com.pe
-- Dean Davis,RHCE,CCSP,MCSE,MCDBA,CCNA,Linux+ Sr. Network Engineer MBG Telecom Software P. 212.822.4429 F. 212.822.4499 W. www.mbg-inc.com P/GPG: A9C110B4 Key Server: http://pgp.mit.edu -- The information in this email (including any attachments) is confidential and may be legally privileged. Access to this e-mail by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it (including any attachments) is prohibited and may be unlawful. If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, all attachments, and any copies thereof from your system and destroy any printout thereof. This message has been scanned for viruses and dangerous content and is believed to be clean.
Current thread:
- Best IDS ? Juan B (Dec 07)
- Re: Best IDS ? ilaiy (Dec 08)
- Re: Best IDS ? Breno Colom (Dec 08)
- Re: Best IDS ? Dean Davis (Dec 09)
- RE: Best IDS ? Richard Bennison (Dec 08)
- <Possible follow-ups>
- RE: Best IDS ? McKinley, Jackson (Dec 12)