nanog mailing list archives
Re: Intrusion Detection recommendations
From: Randy Bush <randy () psg com>
Date: Sat, 14 Feb 2015 17:38:54 +0900
I've been tasked by our company president to learn about, investigate and recommend an intrusion detection system for our company. We're a smaller outfit, less than 100 employees, entirely Apple-based. Macs, iPhones, some Mac Mini servers, etc., and a fiber connection to the world. We are protected by a FreeBSD firewall setup, and we stay current on updates/patches from Apple and FreeBSD, but that's as far as my expertise goes.

Initially, what do people recommend for:

1. Crash course in intrusion detection as a whole
2. Suggestions or recommendations for intrusion detection hardware or software
3. Other things I'm likely overlooking

if you were comfortable enough with freebsd to use it as a firewall, you can run your traffic through, or mirror it to, a freebsd box running https://www.bro.org/ or https://www.snort.org/, two quite reasonable and powerful open source systems

randy