Educause Security Discussion mailing list archives

Re: IDS applications

From: Seth Hall <seth () REMOR COM>
Date: Tue, 6 Jul 2010 14:03:47 -0400

On Jul 6, 2010, at 11:57 AM, Brian Grime wrote:

Just wondering what different institutions are using in terms of open source IDS/IPS, and there heartaches or success 
stories that go along with them.


I'm not at The Ohio State University anymore, but I set up a rather large Bro-IDS (http://www.bro-ids.org/) cluster 
there that  provided huge benefits to us during incident response.  We were also able to detect activity that 
signature-only IDS are unable to detect.

I still participate heavily in the project and if you are interesting in learning more about Bro I'd be glad to lend a 
hand. :)

  .Seth

Current thread:

IDS applications Brian Grime (Jul 06)
- Re: IDS applications Seth Hall (Jul 06)
- Re: IDS applications James J. Barlow (Jul 07)
  - Re: IDS applications Joel Rosenblatt (Jul 07)
    - Ad-Aware Free now includes AV. Implications for anti-spyware recommendations Ben Woelk (Jul 07)
    - Re: Ad-Aware Free now includes AV. Implications for anti-spyware recommendations King, Ronald A. (Jul 07)
    - Re: Ad-Aware Free now includes AV. Implications for anti-spyware recommendations Nguyen, Tung (Jul 07)
    - Re: Ad-Aware Free now includes AV. Implications for anti-spyware recommendations Alex Keller (Jul 07)