ID Solutions

[Kyle Starkey <KSTARKEY () altera com>]

I know this may not be the right place for this, but I was hoping that some
one could recommend a piece of software that would take Cisco Network
Monitoring data and scan it for ID Signatures as an ongoign process.  I was
looking into host based ID, but the Net Ops group is implementing Network
monitoring so I thought I could piggy back their project and do net based
detection, then if I see attacks to a single IP I could drill down and
investigate that machine and its activites.  Any suggestions as to a
software package, open source or not, would be VERY much appreciated.  Also
any suggestions on why this is a BAD idea or better solutions given our
setup will also be greatly appreciated.  I need to get this implemented
before we lose anything important to our
"hard-crunchy-shell-soft-chewy-middle" approach to security.

Thanks for the advice

Kyle Starkey 
Information Security Group
kstarkey () altera com