Security Basics mailing list archives
Re: Network IDS
From: "Adam Newhard" <atnewhard () microstrain com>
Date: Mon, 18 Aug 2003 09:01:37 -0400
I don't have an answer to your question on Symantec, but you may wanna pick up the most recent issue of 2600 (2600.org). You can usually buy a copy at a local barnes and noble or just off their site. There's a pretty decent article (or at least a starting position) on writing an IDS for IIS. It's probably not exactly what you're looking for and you probably don't wanna write the thing from scratch yourself, however, it might prove somewhat beneficial to you if you ever need to do something custom that the program doesn't stop. adam ---------------------------------------------------- Adam Newhard Microstrain, Inc. If vegetarians eat vegetables, watch out for humanitarians ----- Original Message ----- From: "Duston Sickler" <dustons () charter net> To: <security-basics () securityfocus com> Sent: Friday, August 15, 2003 1:30 PM Subject: Network IDS
Hello, I would like to thank in advance everyone who is out of the office. I really do like to hear about it. The Network Administrator for the company I work for has charged me to locate a Network Intrusion Detection System. We do have a monitored firewall between us and the outside world. We need something to protect
our
servers from anyone coming from the inside. We have about 20 Windows 2000 Servers, 5 NT 4 Servers, and 250 Windows 2000/Thin Net workstations. We live in a 100% Windows world and the powers that be will not be
receptive
to any *nix solutions. We are more the willing to pay for a top of the
line
product as long is it is in fact top of the line. Currently I have been looking at the Symantec Gateway Device. We like the idea of a stand alone piece of hardware. The only problem is we already have a gateway server washing our email of viruses and 99% of Spam. Does anyone have any comments on the Symantec Gateway device? We have had excellent experiences with there Gateway software and NAV Corp. Does
anyone
have a different or better device that they could point me towards? I would like to thank everyone who replies to this post. I have learned a great deal being on this list the last year and will continue to
appreciate
all the expertise that is freely given here. Duston Sickler CompTIA A+ Certified "Cedo nulli." --------------------------------------------------------------------------
-
--------------------------------------------------------------------------
--
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Network IDS Duston Sickler (Aug 15)
- Re: Network IDS Logan Rogers-Follis - TNTNetworx.net (Aug 16)
- Re: Network IDS Duston Sickler (Aug 16)
- Re: Network IDS Gabriel Orozco (Aug 16)
- Re: Network IDS cc (Aug 16)
- RE: Network IDS Stuart (Aug 16)
- Re: Network IDS Andy Cuff [talisker] (Aug 18)
- Re: Network IDS Lukas Sosnovec (Aug 18)
- Re: Network IDS Adam Newhard (Aug 18)
- Re: Network IDS Attila Nagy (Aug 22)
- Re: Network IDS Gopinath (Aug 25)
- <Possible follow-ups>
- RE: Network IDS Krueger, Brian (Aug 16)
- Re: Network IDS Duston Sickler (Aug 16)
- expert? (was: Re: Network IDS James W. Meritt (Aug 18)
- Re: Network IDS Schneider Sebastian (Aug 18)
- Re: Network IDS -SIMON- (Aug 27)
- RE: Network IDS McGill, Lachlan (Aug 18)
- RE: Network IDS Meidinger Chris (Aug 18)
- RE: Network IDS Dave Killion (Aug 26)
- Re: Network IDS Logan Rogers-Follis - TNTNetworx.net (Aug 16)