IDS mailing list archives
Re: New to Snort !!!
From: Joel Esler <eslerj () gmail com>
Date: Sat, 28 May 2005 12:14:06 -0500
What's your questions? Snort should be placed on your outer-most network device on a "SPAN" or "Mirrored" port. Snort should be installed on a Linux platform. The Windows version (as far as I know) tends to drop more packets. Maybe someone can correct me. A better place to submit your questions is on the snort-users listserv.. Look it up at www.snort.org Joel On 5/24/05, Venkatesh G S <venkatesh.gs () gmail com> wrote:
Hi all, I am a new member to this group & i am sure i will get your valuable suggestion for my problem. I work for an organization where we have almost all the latest devices in place, which includes L3 Switches, VOIP,High end server & etc. We have around 1500 desktops & this is a production environment. My problem i) My network manager wants me to suggest an IDS, and i googled yesterday i recommened him - Snort. ii) I am quite new to IDS and i haven't done even a single installation of Snort till now. Can anyone let me know the features of Snort, where this sensor should be placed in the Network?. Plz dont think that i am not doing my homework.i have already started to collect information from Snort.org but i find it a little to difficult to undersatnd the concept. I need help in how to install Snort?. Finally are there any windows edition of Snort avaliable. Regards Venkatesh -- The impossible is often untried. -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
-- Joel Esler BASE Project Lead http://sourceforge.net/projects/secureideas -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- New to Snort !!! Venkatesh G S (May 28)
- Re: New to Snort !!! Joel Esler (May 29)