Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Cisco IDS

From: "Alex Butcher, ISC/ISYS" <Alex.Butcher () bristol ac uk>
Date: Mon, 17 Jan 2005 16:39:03 +0000


--On 16 January 2005 08:36 -0500 John Hally <JHally () epnet com> wrote:


Out of curiosity, has anyone had any experience with Cisco's IDS?  I'm
curious how Snort stacks up in strengths/weaknesses including
Sourcefire's commercial products.
When using CSIDS back in 2002, I found it was impossible to determine why signatures had been triggered. Further, it was hard to tune rules (other than by source/dest IP). Things may have improved since then, but I've not heard anything that indicates that this is the case. 


Thanks in advance!


HTH,
Alex.
--
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9




-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: