Snort mailing list archives

What makes a complete IDS package?


From: James Lay <jlay () slave-tothe-box net>
Date: Fri, 18 Mar 2011 06:38:06 -0600

So...topic says it all.  We all know Snort in and of itself isn't what say...a
CEO would call a complete IDS package.  That being said, what addons are
really required, to you, to make it so?  As much as I loathe the LAMP
environment, it seems like that's pretty much the only option if you want
reporting.  I'm currently using snortalog (modified since it's old) from
syslog, and oinkmaster...what else is there besides LAMP above?  I know
there's barnyard2 for piping unified to mysql, but to be honest, the fewer
processes I have running on my IDS, the better in my mind.  Can anyone add
to my list below?  Thanks for anything you can add.

Reporting:
LAMP, Barnyard2 & Base
Sguil
Snorby

Rules management:
Oinkmaster
Pulled pork

