Security Basics mailing list archives
Re: Network IDS
From: "Duston Sickler" <dustons () charter net>
Date: Sat, 16 Aug 2003 14:17:23 -0500
Snort was my first recommendation. However the Network Administrator is of the attitude that free software = cheap or lower class software. He also didn't like the fact the there was no tech support we could call. Duston Sickler CompTIA A+ Certified "Cedo nulli." ----- Original Message ----- From: "smyrum" <smyrum () bresnan net> To: "'Duston Sickler'" <dustons () charter net> Sent: Saturday, August 16, 2003 12:05 PM Subject: RE: Network IDS
Not certain if you consider Snort with an ACID interface to be a *nix solution. It does work the work it's intended to do with a great deal of flexibility on the user's part. Packet sniffing can be tuned to suit your needs. We use it on a Class B network and I doubt that you could find a better product. It is not a plug and play solution, but neither is network security. -----Original Message----- From: Duston Sickler [mailto:dustons () charter net] Sent: Friday, August 15, 2003 11:30 AM To: security-basics () securityfocus com Subject: Network IDS Hello, I would like to thank in advance everyone who is out of the office. I really do like to hear about it. The Network Administrator for the company I work for has charged me to locate a Network Intrusion Detection System. We do have a monitored firewall between us and the outside world. We need something to protect our servers from anyone coming from the inside. We have about 20 Windows 2000 Servers, 5 NT 4 Servers, and 250 Windows 2000/Thin Net workstations. We live in a 100% Windows world and the powers that be will not be receptive to any *nix solutions. We are more the willing to pay for a top of the line product as long is it is in fact top of the line. Currently I have been looking at the Symantec Gateway Device. We like the idea of a stand alone piece of hardware. The only problem is we already have a gateway server washing our email of viruses and 99% of Spam. Does anyone have any comments on the Symantec Gateway device? We have had excellent experiences with there Gateway software and NAV Corp. Does anyone have a different or better device that they could point me towards? I would like to thank everyone who replies to this post. I have learned a great deal being on this list the last year and will continue to appreciate all the expertise that is freely given here. Duston Sickler CompTIA A+ Certified "Cedo nulli." ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: Network IDS, (continued)
- Re: Network IDS Duston Sickler (Aug 16)
- Re: Network IDS Gabriel Orozco (Aug 16)
- Re: Network IDS cc (Aug 16)
- RE: Network IDS Stuart (Aug 16)
- Re: Network IDS Andy Cuff [talisker] (Aug 18)
- Re: Network IDS Lukas Sosnovec (Aug 18)
- Re: Network IDS Adam Newhard (Aug 18)
- Re: Network IDS Attila Nagy (Aug 22)
- Re: Network IDS Gopinath (Aug 25)
- RE: Network IDS Krueger, Brian (Aug 16)
- Re: Network IDS Duston Sickler (Aug 16)
- expert? (was: Re: Network IDS James W. Meritt (Aug 18)
- Re: Network IDS Schneider Sebastian (Aug 18)
- Re: Network IDS -SIMON- (Aug 27)
- RE: Network IDS McGill, Lachlan (Aug 18)
- RE: Network IDS Meidinger Chris (Aug 18)
- RE: Network IDS Dave Killion (Aug 26)