Security Basics mailing list archives
RE: IDSs/IPSs and general monitoring with SNMP support built in
From: "Andy Cuff" <lists () securitywizardry com>
Date: Tue, 26 Jun 2007 08:42:06 +0100

Most of the commercial offerings will do this. However, a decision you have to make is whether you want the traps to be sent from the agent or the manager; there are advantages to both. I would suggest that you look at the Security Information Manager (SIM) products and see what IDS and IPS they are compatible with. Some do have bespoke APIs, though most rely on input via SNMP. Use their compatible products list to narrow down your selection.

Regards
Andy Cuff
Computer Network Defence Ltd
www.SecurityWizardry.com

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Linux Security
Sent: 25 June 2007 20:16
To: security-basics () securityfocus com
Subject: IDSs/IPSs and general monitoring with SNMP support built in

Hi All,

I am trying to find open source IDSs/IPSs that can send SNMP traps. The idea behind this is that there will be a centralised system that will be receiving SNMP traps from our Linux servers and will be doing the reporting. I am looking, as I write this post, at aide, tripwire, chkrootkit and rkhunter, and still haven't found a way for them to send notifications with SNMP traps...

Any ideas?