Firewall Wizards mailing list archives
Fwd: Dragon IDS
From: Martin Roesch <roesch () clark net>
Date: Tue, 6 Jul 1999 16:45:25 -0400
Thought you all might be interested.... -Marty ---------- Forwarded Message ---------- Subject: Dragon IDS Date: Tue, 06 Jul 1999 15:28:48 -0700 From: Ron Gula <rjgula () home net> Hi there, I heard about the NFR vs NR vs RS thread and thought I'd send you a note about Dragon. Have either of you heard about it? I wrote Dragon and formed Network Security Wizards (http://www.securitywizards.com ) after evaluating RS, NFR and NR. We just started out, and have had great success through word-of-mouth advertisement alone. In a nutshell Dragon's key features are: - Keeps up with 100baseT networks - Comes with ~300 known attack signatures - New data driven attacks can be trivially added with one line descriptions - Not vulnerable to fragmentation and other IDS avoidance attacks - Dragon-Master can receive event data from up to 100 Dragon-Sensors without impacting the performance or security of the sensor - Operates in GUI and non-GUI modes such that all analyisis and configuration can be accomplished from an SSH shell or through a web browser. - Robust SNMP trap notification - Syslog support - Works on x86 OpenBSD, FreeBSD, Linux and Solaris - Works on Sparc Solaris, SunOS and OpenBSD - Very economical cost (each sensor is $3500 and all other analysis and enterprise tools are included with any purchase) - All events can be converted to TCPDUMP binary formats Feel free to contact us at 443-259-0298 for more information or to evaluate a 30 day trial. There is also an online demo available. Good luck on your IDS selection. Ron Gula President, Network Security Wizards -- Martin Roesch roesch () clark net http://www.clark.net/~roesch
Current thread:
- Fwd: Dragon IDS Martin Roesch (Jul 07)