Security Basics mailing list archives

RE: Recommending an IDS system


From: "AJ Butcher, Information Systems and Computing" <Alex.Butcher () bristol ac uk>
Date: Thu, 04 Mar 2004 09:09:59 +0000



--On 02 March 2004 16:35 -0300 Daniel Cid <danielcid () yahoo com br> wrote:

Just correcting, the Cisco IDS sensors run on Solaris
and an advantage under the snort (the open source one)
is the possibility to apply a shun (to block traffic)
and it's much easier to view/analyze the logs...

You might like to look into SnortSAM <http://www.snortsam.net/> and flexresp; I believe these features allow Snort to achieve the same effect. SnortSAM integrates with FW-1, PIX, Cisco ACLs, Netscreen, ipf, pf, ipchains, iptables and WatchGuard. Alternatively, if you're after an inline IPS, snort-inline <http://snort-inline.sourceforge.net/> or hogwash <http://hogwash.sourceforge.net/> are the way to go.

Daniel B. Cid

Best Regards,
Alex.
--
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9


