IDS mailing list archives

RE: Experience security-information-management

From: José Luis Jerez <jljerez () telefonica net>
Date: Thu, 17 Nov 2005 07:55:16 +0100

Hi,

OSSIM is a distribution of open source products that are integrated to
provide an infrastructure for security monitoring. OSSIM aims to unify
network monitoring, security, correlation and qualification in one single
tool. Using Snort, Acid, Mrtg, NTOP, OpenNMS, nmap, nessus and rrdtool. The
user have full control over every network or security aspect.

http://www.ossim.net/

Jose Luis

-----Original Message-----
From: klaus.dombrofsky () degussa com [mailto:klaus.dombrofsky () degussa com] 
Sent: lunes, 14 de noviembre de 2005 10:18
To: focus-ids () securityfocus com
Subject: Experience security-information-management

Hi folks,

Has anyone already experiences with  a security-information-tool  like
ArcSight/Open Service or similar ?
We plan to evaluate  systems, which are able to read  different logfiles (
ids, firewall, ..... ) to extract possible relations to find possible
intrusion-trials.
At the moment i see tons of logfiles, which can not be checked anymore and i
cannot imagine that a tool is able to check these files AND is able to find
valuable informations and relations.
Maybe someone of you already has positive or negative experiences.
Or there are important points, which should be checked in an evaluation.

Klaus

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------

Current thread:

Experience security-information-management klaus . dombrofsky (Nov 14)
- RE: Experience security-information-management etrust_scm (Nov 16)
- RE: Experience security-information-management José Luis Jerez (Nov 17)
- <Possible follow-ups>
- RE: Experience security-information-management mhellman (Nov 17)