Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

focus-ids logo IDS mailing list archives

Re: Vulnerability and IDS
From: "Chris Kirschke" <durnie () hushmail com>
Date: Tue, 30 Dec 2003 11:49:36 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Take a long hard look at the Lightning product from Tenable Security...
I'm currently trying to integrate it with Guarded Net's NeuSecure product,
 details to follow...

durnie

On Tue, 30 Dec 2003 08:43:29 -0800 Krzysztof Zaraska <kzaraska () student uci agh edu pl>
wrote:

On Mon, 29 Dec 2003, Kal wrote:


Hello Listees,


Hi,


Are there any products that support matching IDS alerts to
Vulnerability scanner results?


Prelude's (www.prelude-ids.org) frontend ships with a Perl script,



nsr2flt.pl which takes output of the Nessus scanner and converts
it to a
filter that can be applied to the alert database to see alerts relevant
to
a given service.

There's also a set of stand-alone scripts doing the same thing available
at: http://www.rstack.org/oudot/prelude/correlation/

Unfortunately I am unable to authoritatively comment on details
of these
solutions, but I'm sure that a question sent to prelude-user mailing
list
will give you a competent answer. :-)

[Standard disclaimer: I may be biased because of personal involvement
in
the Prelude project.]

// Krzysztof Zaraska * kzaraska (at) student.uci.agh.edu.pl
// http://mops.uci.agh.edu.pl/~kzaraska/ * http://www.prelude-ids.org/
// A dream will always triumph over reality, once it is given the
chance.
//             -- Stanislaw Lem




----------------------------------------------------------------
-----------
----------------------------------------------------------------
-----------




-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.3

wkYEARECAAYFAj/x1wsACgkQ3UH5NRolsbZWeACdHWryrleQUJqtw066NaAQIEwnE64A
n3WsMC/yh2cVI5RJySJy8fO6UO0M
=WY0c
-----END PGP SIGNATURE-----


---------------------------------------------------------------------------
---------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]