Security Basics mailing list archives

Re: FW/IPS log correlation software

From: "Gleb Paharenko" <gpaharenko () gmail com>
Date: Sun, 6 Apr 2008 00:19:46 +0300

Hi.

Netforensics SIM (http://www.netforensics.com/) can do this.
You can utilize OSSEC (www.ossec.net) for this purposes as well.
For cisco products perhaps it is better to use MARS
(http://www.cisco.com/en/US/netsol/ns698/networking_solutions_solution.html),
because their SIM is based on old Netforensics.

4 Apr 2008 13:55:40 -0000, mgk.mailing () googlemail com
<mgk.mailing () googlemail com>:


 http://www.splunk.com/


 We have been looking at that for our own systems.


 mgk



-- 
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com

Current thread:

RE: FW/IPS log correlation software, (continued)
- RE: FW/IPS log correlation software Wong Yu Liang (Apr 04)
- Re: FW/IPS log correlation software Udo Sprotte (Apr 04)
- Re: FW/IPS log correlation software bart knippenberg (Apr 04)
  - RE: FW/IPS log correlation software Alfredo Cedeño (Apr 04)
  - Re: FW/IPS log correlation software Albert Gonzalez (Apr 13)
    - RE: FW/IPS log correlation software Nathan Sherlock (Apr 15)
- RE: FW/IPS log correlation software Loupe, Jeffrey J (Apr 04)
- Re: FW/IPS log correlation software TT-SEC (Apr 04)
- RE: FW/IPS log correlation software Kevin Ortloff (Apr 04)
- Re: FW/IPS log correlation software mgk . mailing (Apr 04)
  - Re: FW/IPS log correlation software Gleb Paharenko (Apr 07)
    - Re: FW/IPS log correlation software Ronald van der Westen (Apr 10)
- Re: FW/IPS log correlation software Olmstead, Frank M. - OTR (Apr 04)