IDS mailing list archives

RE: newbie quetsions

From: "zekker" <zekker () ivolution ca>
Date: Tue, 28 Dec 2004 10:59:13 -0500

Also look at the Prelude IDS.  It is a great tool also and like snort is
open source.  It also employs the SNORT rules sets when compiled with SNORT
support.  The nice thing about this IDS is that it is able to monitor log
files.

http://www.prelude-ids.org/

Richard Zaluski, CCNA, CRCP
CISO, Security and Infrastructure Services 
iVolution  Technologies Incorporated

905.309.1911
866.601.4678
905.524.8450 (Pager)
www.ivolution.ca
rzaluski () ivolution ca


-----Original Message-----
From: Andrey Todorov [mailto:andreyt () gawab com] 
Sent: Friday, December 24, 2004 10:08 AM
To: focus-ids () securityfocus com
Subject: newbie quetsions

Hi People,
I tried several times to subscribe myself to "Security Basics" mailing 
list to ask my questions, but didn't succeed. Excuse me if my questions 
aren't adequate to "Focus IDS" mailing list!

I'll be very gratefull if you share your opinion with me for the 
following situation. I have small network (5 PCs) behind one Linux box 
(iptables firewall , Pentium I 166Mhz, 32MB RAM, 4GB HDD) and want to 
increase security for this network.

    1. Do I need IDS?
    2. What do you think about Snort? Can I find easy maintainable 
free/opensource IDS then Snort?
    3. What IDS literature should I read?

Thank you in advance!

Andrey



--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------




--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------

Current thread:

newbie quetsions Andrey Todorov (Dec 27)
- Re: newbie quetsions GuidoZ (Dec 27)
- Re: newbie quetsions ken_i_m (Dec 30)
- Re: newbie quetsions Fabien Degouet (Dec 30)
- RE: newbie quetsions Randy Golly (Dec 30)
- RE: newbie quetsions zekker (Dec 30)
- <Possible follow-ups>
- RE: newbie quetsions Harper, Patrick (Dec 30)
  - Re: newbie quetsions Dave Aitel (Dec 30)