snort tamandua or prelude ids

["Lee Sheng" <momosisco () hotmail com>]

All,

Thanks to all of you who have answered my question, it's so nice to get so 
many suggestions nad helps from the community.

My another question is no doubt the snort is one of the best ids compare to 
other ids. However I really interested in the tamandua ids which 
implementing the boolean layer to detect the patent of the attack(less alse 
postive). Anyone have experiences in deploying tamandua ids and I would like 
to know whether tamandua ids is still active or the development of tamandua 
ids is already dead. If you have experience on deploying, hopefully you guys 
can share expericience with me. Then about the prelude IDS, prelude ids 
seems very complicated and I still not sure where to start. Anyone have any 
ideas cause now I still in the way of thinking which ids to deploy for the 
company. Snort, tamandua or prelude?
Prelude seems more in depth on tracking what attacker try to do with HIDS as 
well. I've one and half years experience in snort (not in transparent mode 
of course). If I want to save my time, sure I will choose snort, however I 
would like to hear from you all. Thanks again.


Regards,
Lee

_________________________________________________________________
Download ringtones, logos and picture messages from MSN Malaysia 
http://www.msn.com.my/mobile/ringtones/default.asp


--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------