Security Basics mailing list archives

RE: Network IDS

From: "Stuart" <secmail () patchsupplier dyndns org>
Date: Sat, 16 Aug 2003 02:44:34 +0100

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Have you tried snort for windows? I have just installed it with
IDScentre as the GUI to configure it. Once all the false positives
are sorted out it will alert you to any traffic that will match its
rules.

Stu

- -----Original Message-----
From: Duston Sickler [mailto:dustons () charter net] 
Sent: 15 August 2003 18:30
To: security-basics () securityfocus com
Subject: Network IDS

Hello,

I would like to thank in advance everyone who is out of the office. 
I
really do like to hear about it.

The Network Administrator for the company I work for has charged me
to
locate a Network Intrusion Detection System.  We do have a monitored
firewall between us and the outside world.  We need something to
protect our
servers from anyone coming from the inside.  We have about 20 Windows
2000
Servers, 5 NT 4 Servers, and 250 Windows 2000/Thin Net workstations.

We live in a 100% Windows world and the powers that be will not be
receptive
to any *nix solutions.  We are more the willing to pay for a top of
the line
product as long is it is in fact top of the line.

Currently I have been looking at the Symantec Gateway Device.  We
like the
idea of a stand alone piece of hardware.  The only problem is we
already
have a gateway server washing our email of viruses and 99% of Spam.

Does anyone have any comments on the Symantec Gateway device?  We
have had
excellent experiences with there Gateway software and NAV Corp.  Does
anyone
have a different or better device that they could point me towards?

I would like to thank everyone who replies to this post.  I have
learned a
great deal being on this list the last year and will continue to
appreciate
all the expertise that is freely given here.

Duston Sickler
CompTIA A+ Certified
"Cedo nulli."


- ----------------------------------------------------------------------
- -----
- ----------------------------------------------------------------------
- ------


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQIVAwUBPz2MgZMRMj30dWmZAQKhsRAAm2VS8L7N5WBDXf7mZk+B3nvKeT2E48bL
hRP1bf/dc2tWZjP944If4c1CeMuxJjLyEB8otfKOs2NWXVJbG9zzL4vvvAHHx/vm
Z8HKU29oqMBMYhqtuMPAS2lHOBq9r6LuBnohxMvxsceFYnCM13AjrOpMhH/41U8R
MtEwwfwqJTBhstKq+XpKnMO7MKkRASf6aTkJV4SIxhhXUORtcC08m7yJp6+hCaJW
qkKld0Ojfy+0CY07VydsHbwdohpT3kolG2zO3idbaIFe5sLk3Jk0DalD5cZJWah6
mmU5Lv6gQtZr8+y1uG897fYsgUxahorBpQfh3hZXF3A61z7vlSOQPmOuzNMA8Mk/
9omODQbqcEwz7zBQz6mbuRGWQqWnz2HVJG/vYWbqhN/bc+fyTZjmViyLSNPtjAr5
5AnMFIe0QFEU5HFgY3uGrRpstSHt+etW5ytF6P1D6EYKVQeiUknna61H6uP1dVYs
V01SGFUk3BEdV6nH/I7Da88D59lG4sWG1FT7uXTz5f7kakgxYkHf6qSYaHOcWCSw
wTl1c8g1ZZlQKlb08dCzHrSf3M2fpFfzoLPx58CKrEVN822YMQOgTFxdYKj0KQvl
Le1a8kAhigx4uiVoR4wluUaNvQY2CciAgjJGzour/sWaUF5FkcrbSmJLdifiqHdu
JNr0ErPucLg=
=7rK3
-----END PGP SIGNATURE-----


---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Network IDS Duston Sickler (Aug 15)
- Re: Network IDS Logan Rogers-Follis - TNTNetworx.net (Aug 16)
  - Re: Network IDS Duston Sickler (Aug 16)
- Re: Network IDS Gabriel Orozco (Aug 16)
- Re: Network IDS cc (Aug 16)
- RE: Network IDS Stuart (Aug 16)
- Re: Network IDS Andy Cuff [talisker] (Aug 18)
- Re: Network IDS Lukas Sosnovec (Aug 18)
- Re: Network IDS Adam Newhard (Aug 18)
- Re: Network IDS Attila Nagy (Aug 22)
  - Re: Network IDS Gopinath (Aug 25)
- <Possible follow-ups>
- RE: Network IDS Krueger, Brian (Aug 16)
- Re: Network IDS Duston Sickler (Aug 16)
  - expert? (was: Re: Network IDS James W. Meritt (Aug 18)
  - Re: Network IDS Schneider Sebastian (Aug 18)
  - Re: Network IDS -SIMON- (Aug 27)

(Thread continues...)