Intrusion Detection Systems mailing list archives

Re: IDS


From: Matt.Riddell () madison co nz (Matt Riddell)
Date: Thu, 4 Nov 1999 11:02:23 +1200




-={> I think the simplest solution is an IDS on a dedicated machine.
-={>
-={> e.g.: ISS Real Secure Engine + Monitor
-={>
-={> What do you think about it?

-={The "network engine" (sensor) is better left alone and it is probably
-={wiser to have the monitor/console application run on a separate server.
-={Otherwise your GUI and DB queries will slow down the (busy) sensor and
-={possibly increase your dropped packets.

Only problem with that is you can end up with situations where your IDS
drops packets and your server doesn't or the reverse.

Matt


