RE: Need recommendations about IDS Systems

["Ivan Coric" <ivan.coric () workcoverqld com au>]

Hi Jenn
take a look at snort, but also consider ACID
http://www.cert.org/kb/acid/
Have multiple snort sensors logging to a mysql DB and use ACID to view
it via a web browser. Its great!

cheers


Ivan Coric
IT Security Officer
Information Technology
WorkCover Queensland
Ph: (07) 30066414 Fax: (07) 30066424
Email: ivan.coric () workcoverqld com au

> > > "Robert Sieber" <securityfocus () different-thinking de> 01/28/03
06:44am >>>
I think you should give snort a closer look!

Robert

--
http://board.protecus.de - Firewalls, Security and more ...
www.different-thinking.de - Netze, Protokolle, Sicherheit, ...



> -----Original Message-----
> From: Jennifer Fountain [mailto:JFountain () rbinc com] 
> Sent: Friday, January 24, 2003 8:44 PM
> To: security-basics () securityfocus com 
> Subject: Need recommendations about IDS Systems
>
>
> I have been looking at a couple IDS systems and reading reviews. My
head =
> hurts :)  Any recommendations ?  I want something to sit inside my =
> network, in the DMZ and outside.  I want it to also email me and send
=
> information to my syslog server.  OS doesn't matter. I can do nt or
=
> linux.
> thanks!
>
>
>
> Thank you
> Jenn Fountain







***************************************************************************
Messages included in this e-mail and any of its attachments are those
of the author unless specifically stated to represent WorkCover Queensland.
The contents of this message are to be used for the intended purpose only
and are to be kept confidential at all times. This message may contain
privileged information directed only to the intended addressee/s.
Accidental receipt of this information should be deleted promptly
and the sender notified.
This e-mail has been scanned by Sophos for known viruses.
However, no warranty nor liability is implied in this respect.
**********************************************************************