Security Basics mailing list archives
RE: Best IDS ?
From: "McKinley, Jackson" <Jackson.McKinley () team telstra com>
Date: Fri, 9 Dec 2005 10:23:36 +1100
Personally... Best thing about snort is now easy it is to deploy new sensors when needed. In a large networks you can deploy sensors at the drop of a hat. You can reuse retired hardware (depending on the network) so no need to fork out 40 - 60k for a "sensor" which is just a 1ru pc with a fancy brand name :P. Building a sensor takes what 20min? Even quicker if you had a rollout image. Build a kickstart image and you can deploy anywhere on your network!! Ha-ha ok I'm going over board :) The way its so easy to write new rules. It takes 10 - 15 min to create a new rule to search for the type of traffic your interested in. Maybe I'm just a snort fan but hey I always push snort. Cheers J. -----Original Message----- From: Breno Colom [mailto:breno () aureal com pe] Sent: Thursday, 8 December 2005 10:54 AM To: Juan B Cc: security basics Subject: Re: Best IDS ? On Wed, 2005-12-07 at 02:34 -0800, Juan B wrote:
where can I find a comperison article related to IDS's?
Straight out from Snort.org's news section: "Microsoft Certified Professional Magazine published an article on Intrusion Detection. While this may not be the most scientific test available, these guys do a decent job discussing IDSs to an audience who are not security experts. The authors tested Dragon, RealSecure, NetProwler, and of course Snort. Not suprising that Snort won their hearts." http://www.mcpmag.com/Features/article.asp?EditorialsID=294 Nice article, though kinda dated as it was written in August 2002. -- Breno Colom breno () breno org http://www.breno.org breno () aureal com pe http://www.aureal.com.pe
Current thread:
- Best IDS ? Juan B (Dec 07)
- Re: Best IDS ? ilaiy (Dec 08)
- Re: Best IDS ? Breno Colom (Dec 08)
- Re: Best IDS ? Dean Davis (Dec 09)
- RE: Best IDS ? Richard Bennison (Dec 08)
- <Possible follow-ups>
- RE: Best IDS ? McKinley, Jackson (Dec 12)