Security Basics mailing list archives
Re: Discussion about IDS's
From: Gonzalo Martinez <karmax () gmail com>
Date: Thu, 14 Jul 2005 02:25:30 -0300
Hello Juan On 7/12/05, Juan B <juanbabi () yahoo com> wrote: > I configured and using snort IDS with 7 sensors. I > just cant rid of the false positives... is it a lot of > maintannce or is it just me ? The maintenance is _REALLY_ variable, it depends on the config among others. I allways think "if you dont need it, dont install it"... but well if you want, you can install ACID and Mysql, to have a "fancy" show for the snort output. > is it true that in some firms there is a dedicated > person for the IDS system. Some networks have a dedicated person, but it depends on the traffic, rules, security, etc. I never has a person working with me that only have the task of analyze that, try SNORT with ACID and MySQL, i think that it will make things more easy. Good luck -- Gonzalo Martinez Jabber: KarMax () jabber org
Current thread:
- Discussion about IDS's Juan B (Jul 13)
- Re: Discussion about IDS's Gonzalo Martinez (Jul 18)