Full Disclosure mailing list archives
Re: Snort as IDS/IPS in mission-critical enterprise network
From: "J.A. Terranson" <measl () mfn org>
Date: Fri, 9 Dec 2005 11:13:17 -0600 (CST)
On Fri, 9 Dec 2005, Native.Code wrote:
Is Snort enterprise ready where it can be deployed to monitor mission-critical network?
Yes. It is, and has been for some time.
If any of you can name any big network which is using Snort as an example, it will be very helpful.
Because of NDA, I cannot *name* the network where I was a part of the team installing and maintainting SNORT on a large network, but I can tell you that this network is one of the top tier-1 NSPs. I can tell you that SNORT is the sole such product chosen for this purpose, and that it works better than we could have possibly hoped for. last I looked, SNORT was being used on circuits as large as OC12s. The problem isn't going to be your sensor (SNORT et al), but your back end software - *that* part is a bitch! -- Yours, J.A. Terranson sysadmin () mfn org 0xBD4A95BF I like the idea of belief in drug-prohibition as a religion in that it is a strongly held belief based on grossly insufficient evidence and bolstered by faith born of intuitions flowing from the very beliefs they are intended to support. don zweig, M.D. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Snort as IDS/IPS in mission-critical enterprise network Native.Code (Dec 08)
- Re: Snort as IDS/IPS in mission-critical enterprise network none none (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network c0ntex (Dec 09)
- RE: Snort as IDS/IPS in mission-critical enterprisenetwork Paul Melson (Dec 09)
- New paper on theory of disclosure for security & competitive reasons Peter Swire (Dec 13)
- Re: Snort as IDS/IPS in mission-critical enterprise network coderman (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network c0ntex (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network Michael Holstein (Dec 09)
- RE: Snort as IDS/IPS in mission-critical enterprisenetwork Paul Melson (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprisenetwork Michael Holstein (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network none none (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprisenetwork sk (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network coderman (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network Technica Forensis (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network Native.Code (Dec 11)
- Re: Snort as IDS/IPS in mission-critical enterprise network Mark (Dec 11)