IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Open Source IDS Solution?

From: Olaf Gellert <og () pre-secure de>
Date: Fri, 26 Aug 2005 11:13:49 +0200
Persio Pucci wrote:

Hello folks,

I am working on a study to deploy some IDS over my company's network,
and I would like to know what GOOD and RELIABLE Open Source IDS are out
there. I could not find a comparative sheet of any kind (or at least,
not a recent one) so I am asking you guys if you have any good ideas. I
already know Snort. What are the other ones?

Thank you for your help!


There are many little tools that can be used as
IDS-sensors (Snort as network sensor, LibSafe as
a very specialized host based sensor, ...).
You may have a look at prelude (http://www.prelude-ids.org/)
for a complete framework of sensors logging into
a central manager. We do have some years of experience
with this and it works pretty reliable. Snort is
now the default network sensor of prelude. I know
there are other frameworks related to Snort only,
you may have a look at the Snort website.

Cheers, Olaf

-- 
Dipl.Inform. Olaf Gellert                  PRESECURE (R)
Senior Researcher,                       Consulting GmbH
Phone: (+49) 0700 / PRESECURE           og () pre-secure de

                        A daily view on Internet Attacks
                        https://www.ecsirt.net/sensornet


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: