IDS mailing list archives
RE: IDS CISCO alarm
From: "Phil Hollows" <phollows () open com>
Date: Tue, 11 Jan 2005 09:53:07 -0500
RDEP is the protocol used in 4.x sensors. There's a PERL library on CPAN that OpenService (another SIM vendor www.open.com ) has released that allows you to analyze RDEP data. Thanks, Phil -----Original Message----- From: Gary Halleen (ghalleen) [mailto:ghalleen () cisco com] Sent: Thursday, January 06, 2005 9:06 PM To: 'Julio Crespo'; focus-ids () securityfocus com Subject: RE: IDS CISCO alarm Julio, With IDS 4.1 code, the Cisco IDS only communicates directly with the monitoring console (either Cisco's IDS Event Viewer, or Security Monitor, or to any of a variety of third-party vendor products, like Arcsight, Protego, netForensics, etc). The monitoring consoles have the ability of either forwarding events or executing a script based on the events. With IPS 5.0 code (currently in beta), the sensor can send SNMP traps in addition to the above. Gary -----Original Message----- From: Julio Crespo [mailto:jcrespo () sigfe cl] Sent: Wednesday, January 05, 2005 1:41 PM To: focus-ids () securityfocus com Subject: IDS CISCO alarm Hi, someone knows if is configurable for send alarms the IDS CISCO ? I have looked for by all the site of Cisco without obtaining no reference As it is possible that a IDS does not have form to alarm? it is necessary to be patch to log that it gives product IDS Event Viewer? Thanks a lot. ------------------------------------------------------------------------ -- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ -- ------------------------------------------------------------------------ -- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ -- -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- IDS CISCO alarm Julio Crespo (Jan 06)
- Re: IDS CISCO alarm Krystian Antoni (Jan 08)
- RE: IDS CISCO alarm Gary Halleen (ghalleen) (Jan 10)
- <Possible follow-ups>
- RE: IDS CISCO alarm Arndt . WA (Jan 08)
- RE: IDS CISCO alarm Phil Hollows (Jan 12)