Penetration Testing mailing list archives
Re: [PEN-TEST] IDS
From: "Dunker, Noah" <NDunker () FISHNETSECURITY COM>
Date: Tue, 12 Sep 2000 12:37:19 -0500
One good thing to do would be to check out some of the pen-test archives, as there was a rather lengthy thread about the IDS arena. Check here (sorry for the long-winded URL): http://www.securityfocus.com/templates/archive.pike?threads=1&end=2000-08-17 &start=2000-08-11&tid=76806&list=101&fromthread=0& Personally, I dont' keep much Intrusion detection stuff in my "toolbox", but at home, I stick with things like snort, and PortSentry. In real life, There are tons of different commercial packages being used, and only a handful of the commercial packages are worth looking at. All of them are, IMHO, overpriced. "Scheduled usage" confuses me a little. for the most part, IDS's run around the clock, and notify admins when certain things happen. --Noah Dunker Network Security Engineer FishNet Security * This document may contain views and opinions that are my own, and not that of my employer. -----Original Message----- From: Alt, Brandon [mailto:cheshire () DOTNOW COM] Sent: Tuesday, September 12, 2000 1:18 AM To: PEN-TEST () SECURITYFOCUS COM Subject: IDS As far as IDS I know the basics. What I'd like to know is about the specific tools. What is out there for each platform? Is there anything that will cover multi-platform? What does everyone have in their toolkits? What type of usage do you perform(schedules, responses, etc)? Thanks in advance. http://www.dotNow.com ... totally free Internet access is here!
Current thread:
- [PEN-TEST] IDS Alt, Brandon (Sep 12)
- Re: [PEN-TEST] IDS Jensenne Roculan (Sep 12)
- <Possible follow-ups>
- Re: [PEN-TEST] IDS Dunker, Noah (Sep 12)