IDS mailing list archives

Re: New to Snort !!!

From: Joel Esler <eslerj () gmail com>
Date: Sat, 28 May 2005 12:14:06 -0500

What's your questions?

Snort should be placed on your outer-most network device on a "SPAN"
or "Mirrored" port.

Snort should be installed on a Linux platform.  The Windows version
(as far as I know) tends to drop more packets.  Maybe someone can
correct me.

A better place to submit your questions is on the snort-users listserv..

Look it up at www.snort.org

Joel

On 5/24/05, Venkatesh G S <venkatesh.gs () gmail com> wrote:

Hi all,

      I am a new member to this group & i am sure i will get your
valuable suggestion for my problem.
     I work for an organization where we have almost all the latest
devices in place, which includes L3 Switches, VOIP,High end server &
etc. We have around 1500 desktops & this is a production environment.

My problem

i) My network manager wants me to suggest an IDS, and i googled
yesterday i recommened him - Snort.
ii) I am quite new to IDS and i haven't done even a single
installation of Snort till now.

Can anyone let me know the features of Snort, where this sensor should
be placed in the Network?. Plz dont think that i am not doing my
homework.i have already started to collect information from Snort.org
but i find it a little to difficult to undersatnd the concept.

I need help in how to install Snort?. Finally are there any windows
edition of Snort avaliable.

Regards

Venkatesh


--
The impossible is often untried.

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------



-- 
Joel Esler
BASE Project Lead
http://sourceforge.net/projects/secureideas

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------

Current thread:

New to Snort !!! Venkatesh G S (May 28)
- Re: New to Snort !!! Joel Esler (May 29)