Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Good Snort Signatures <-- is all in tuning

From: "Alex Butcher, ISC/ISYS" <Alex.Butcher () bristol ac uk>
Date: Wed, 25 Aug 2004 09:37:39 +0100
--On 24 August 2004 22:27 -0400 "Keith W. McCammon" <mccammon () gmail com> wrote: 


Check out Sourcefire's Defense Center solution.  3D uses their RNA
system, which is system- and network-aware to contextualize and
prioritize sensor alert data.  Note that this is not an auto-tuning
IDS, but does use information about your local network, as well as
policy-based parameters, to help you "cut to the chase" when dealing
with alert data.

http://sourcefire.com/products/mgmt.html
...Alternatively, OSSIM <http://www.ossim.net> uses the results of previously-run Nessus scans to boost the priority of alerts that match a vulnerability that was previously found by Nessus. 

Best Regards,
Alex.
--
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9




-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: