Home page logo
/

basics logo Security Basics mailing list archives

RE: Recommending an IDS system
From: "Fields, James" <James.Fields () bcbsfl com>
Date: Thu, 4 Mar 2004 12:06:27 -0500

There are a lot of new "appliances" running some form of Unix under the
covers, and the Cisco IDSM2 blades and appliances are no exception.  I
was under the impression these were a stripped down version of BSD
originally, but the update files are Redhat RPMs.  Of course there are
other *nixes that use RPMs.  In any case, Cisco will have stripped down
the OS to the point where there is not much more than a kernel anyway,
so the OS won't resemble Redhat, BSD, or anything else you've seen.

-----Original Message-----
From: Josh Mills [mailto:JMills () cnbwaco com] 
Sent: Wednesday, March 03, 2004 9:48 AM
To: AJ Butcher, Information Systems and Computing; Reza Kordi; Andy
Cuff; security-basics
Subject: RE: Recommending an IDS system

We were on a netranger box and it was definetly solaris but when we
switched the sales rep said it was now running on redhat. I will double
check later today and see what it is actually running.

-----Original Message-----
From: AJ Butcher, Information Systems and Computing
[mailto:Alex.Butcher () bristol ac uk]
Sent: Wednesday, March 03, 2004 7:00 AM
To: Josh Mills; Reza Kordi; Andy Cuff; security-basics
Subject: RE: Recommending an IDS system 




--On 01 March 2004 17:18 -0600 Josh Mills <JMills () cnbwaco com> wrote:

I have implemented a new cisco ids solution and i am very pleased with
it! the signatures are highly tunable for a commercial package and it
seems to be pretty stable. the sensor itself runs on redhat so maybe
it
isnt that much different than snort.

Is this Cisco's Secure IDS appliance? The last time I looked at them
(Aug 
2002) they were running on top of Solaris x86 on Dell Poweredge
hardware. 
The NIDS itself couldn't be more different from Snort; back then, it
didn't 
give any information to allow the analyst to decide whether an attack
was 
successful or not... :(

I don't see any mention of a switch to RH for CSIDS on Cisco's website,
so 
I'm a little confused...

Best Regards,
Alex.
-- 
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9



------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off 
any course! All of our class sizes are guaranteed to be 10 students or
less 
to facilitate one-on-one interaction with one of our expert instructors.

Attend a course taught by an expert instructor with years of
in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization.

Visit us at: 
http://www.securityfocus.com/sponsor/InfoSecInstitute_security-basics_04
0303
------------------------------------------------------------------------
----





Blue Cross Blue Shield of Florida, Inc., and its subsidiary and affiliate companies are not responsible for errors or 
omissions in this e-mail message. Any personal comments made in this e-mail do not reflect the views of Blue Cross Blue 
Shield of Florida, Inc.  The information contained in this document may be confidential and intended solely for the use 
of the individual or entity to whom it is addressed.  This document may contain material that is privileged or 
protected from disclosure under applicable law.  If you are not the intended recipient or the individual responsible 
for delivering to the intended recipient, please (1) be advised that any use, dissemination, forwarding, or copying of 
this document IS STRICTLY PROHIBITED; and (2) notify sender immediately by telephone and destroy the document. THANK 
YOU.



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault