mailing list archives
Re: [PEN-TEST] IDS
From: "Dunker, Noah" <NDunker () FISHNETSECURITY COM>
Date: Tue, 12 Sep 2000 12:37:19 -0500
One good thing to do would be to check out some of the pen-test archives,
as there was a rather lengthy thread about the IDS arena. Check here
(sorry for the long-winded URL):
Personally, I dont' keep much Intrusion detection stuff in my "toolbox",
but at home, I stick with things like snort, and PortSentry. In real
life, There are tons of different commercial packages being used, and
only a handful of the commercial packages are worth looking at. All
of them are, IMHO, overpriced.
"Scheduled usage" confuses me a little. for the most part, IDS's run
around the clock, and notify admins when certain things happen.
Network Security Engineer
* This document may contain views and opinions that are my own, and
not that of my employer.
From: Alt, Brandon [mailto:cheshire () DOTNOW COM]
Sent: Tuesday, September 12, 2000 1:18 AM
To: PEN-TEST () SECURITYFOCUS COM
As far as IDS I know the basics. What I'd like to know is about the specific
tools. What is out there for each platform? Is there anything that will
multi-platform? What does everyone have in their toolkits? What type of
do you perform(schedules, responses, etc)?
Thanks in advance.
http://www.dotNow.com ... totally free Internet access is here!
- [PEN-TEST] IDS Alt, Brandon (Sep 12)
- <Possible follow-ups>
- Re: [PEN-TEST] IDS Dunker, Noah (Sep 12)