Full Disclosure mailing list archives

Re: Snort as IDS/IPS in mission-criticalenterprisenetwork

From: "sk / GroundZero" <fd-list () g-0 org>
Date: Mon, 12 Dec 2005 14:54:43 +0100

i don't know if i mentioned it before, but xray ids is for windows and not based 
on snort, tho it doesnt support customized rules sofar, but that will come in next 
version(s). http://www.xray-ids.com if you want to give it a try.
-sk
----- Original Message ----- 
From: "Chris Cutler" <chris.cutler () hotmail com>
To: <Native.Code () gmail com>
Cc: <full-disclosure () lists grok org uk>
Sent: Monday, December 12, 2005 12:58 PM
Subject: RE: [Full-disclosure] Snort as IDS/IPS in mission-criticalenterprisenetwork

Dear all,

Thanks for valuable input. It was very much appreciated. I kind of get the 
impression that Snort is very stable product but it needs a lot of effort 
configuring, monitoring and customizing. We will definitely give it a try. I 
assume I did not mention, we will be using Windows binary. Is this as stable 
as Linux version?

Some of you mentioned that many commercial productions are based on Snort. 
Can anyone name another product besides those from Sourcefire?

One of the products that you might want to look at is from CounterSnipe, 
www.countersnipe.com They do SNORT based IDS/IPS devices at reasonable 
pricing.



Thanks again,
Native.Code



On 12/10/05, Technica Forensis <forensis.technica () gmail com> wrote:

what ever happened to FPGA/hardware based NIDS classifiers?  There
seemed to be a number of papers and even some open source (open cores) code 
to do 10GigE with ease.

still in the research labs?


http://www.cloudshield.com
and have your pocketbook ready, 'cause it ain't cheap.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_________________________________________________________________
Are you using the latest version of MSN Messenger? Download MSN Messenger 
7.5 today! http://messenger.msn.co.uk

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

RE: Snort as IDS/IPS in mission-critical enterprisenetwork Chris Cutler (Dec 12)
- Re: Snort as IDS/IPS in mission-criticalenterprisenetwork sk / GroundZero (Dec 12)