Security Basics mailing list archives
expert? (was: Re: Network IDS
From: "James W. Meritt" <meritt_james () bah com>
Date: Mon, 18 Aug 2003 08:47:18 -0400
Is it not the case that you (generic 'you' refers to IT advanced IT employee) are better with your network and your specific problem than the ones you are likely to get if you call? "Good, fast, cheap - pick two" sign on wall Jim Duston Sickler wrote:
Snort was my first recommendation. However the Network Administrator is of the attitude that free software = cheap or lower class software. He also didn't like the fact the there was no tech support we could call. Duston Sickler CompTIA A+ Certified "Cedo nulli." ----- Original Message ----- From: "smyrum" <smyrum () bresnan net> To: "'Duston Sickler'" <dustons () charter net> Sent: Saturday, August 16, 2003 12:05 PM Subject: RE: Network IDSNot certain if you consider Snort with an ACID interface to be a *nix solution. It does work the work it's intended to do with a great deal of flexibility on the user's part. Packet sniffing can be tuned to suit your needs. We use it on a Class B network and I doubt that you could find a better product. It is not a plug and play solution, but neither is network security. -----Original Message----- From: Duston Sickler [mailto:dustons () charter net] Sent: Friday, August 15, 2003 11:30 AM To: security-basics () securityfocus com Subject: Network IDS Hello, I would like to thank in advance everyone who is out of the office. I really do like to hear about it. The Network Administrator for the company I work for has charged me to locate a Network Intrusion Detection System. We do have a monitored firewall between us and the outside world. We need something to protect our servers from anyone coming from the inside. We have about 20 Windows 2000 Servers, 5 NT 4 Servers, and 250 Windows 2000/Thin Net workstations. We live in a 100% Windows world and the powers that be will not be receptive to any *nix solutions. We are more the willing to pay for a top of the line product as long is it is in fact top of the line. Currently I have been looking at the Symantec Gateway Device. We like the idea of a stand alone piece of hardware. The only problem is we already have a gateway server washing our email of viruses and 99% of Spam. Does anyone have any comments on the Symantec Gateway device? We have had excellent experiences with there Gateway software and NAV Corp. Does anyone have a different or better device that they could point me towards? I would like to thank everyone who replies to this post. I have learned a great deal being on this list the last year and will continue to appreciate all the expertise that is freely given here. Duston Sickler CompTIA A+ Certified "Cedo nulli." ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003--------------------------------------------------------------------------- ----------------------------------------------------------------------------
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: Network IDS, (continued)
- Re: Network IDS Gabriel Orozco (Aug 16)
- Re: Network IDS cc (Aug 16)
- RE: Network IDS Stuart (Aug 16)
- Re: Network IDS Andy Cuff [talisker] (Aug 18)
- Re: Network IDS Lukas Sosnovec (Aug 18)
- Re: Network IDS Adam Newhard (Aug 18)
- Re: Network IDS Attila Nagy (Aug 22)
- Re: Network IDS Gopinath (Aug 25)
- RE: Network IDS Krueger, Brian (Aug 16)
- Re: Network IDS Duston Sickler (Aug 16)
- expert? (was: Re: Network IDS James W. Meritt (Aug 18)
- Re: Network IDS Schneider Sebastian (Aug 18)
- Re: Network IDS -SIMON- (Aug 27)
- RE: Network IDS McGill, Lachlan (Aug 18)
- RE: Network IDS Meidinger Chris (Aug 18)
- RE: Network IDS Dave Killion (Aug 26)