Firewall Wizards mailing list archives
ID Solutions
From: Kyle Starkey <KSTARKEY () altera com>
Date: Mon, 24 May 1999 11:15:52 -0700
I know this may not be the right place for this, but I was hoping that some one could recommend a piece of software that would take Cisco Network Monitoring data and scan it for ID Signatures as an ongoign process. I was looking into host based ID, but the Net Ops group is implementing Network monitoring so I thought I could piggy back their project and do net based detection, then if I see attacks to a single IP I could drill down and investigate that machine and its activites. Any suggestions as to a software package, open source or not, would be VERY much appreciated. Also any suggestions on why this is a BAD idea or better solutions given our setup will also be greatly appreciated. I need to get this implemented before we lose anything important to our "hard-crunchy-shell-soft-chewy-middle" approach to security. Thanks for the advice Kyle Starkey Information Security Group kstarkey () altera com
Current thread:
- ID Solutions Kyle Starkey (May 28)