IDS mailing list archives
snort tamandua or prelude ids
From: "Lee Sheng" <momosisco () hotmail com>
Date: Fri, 06 Aug 2004 18:37:16 +0800
All,Thanks to all of you who have answered my question, it's so nice to get so many suggestions nad helps from the community.
My another question is no doubt the snort is one of the best ids compare to other ids. However I really interested in the tamandua ids which implementing the boolean layer to detect the patent of the attack(less alse postive). Anyone have experiences in deploying tamandua ids and I would like to know whether tamandua ids is still active or the development of tamandua ids is already dead. If you have experience on deploying, hopefully you guys can share expericience with me. Then about the prelude IDS, prelude ids seems very complicated and I still not sure where to start. Anyone have any ideas cause now I still in the way of thinking which ids to deploy for the company. Snort, tamandua or prelude? Prelude seems more in depth on tracking what attacker try to do with HIDS as well. I've one and half years experience in snort (not in transparent mode of course). If I want to save my time, sure I will choose snort, however I would like to hear from you all. Thanks again.
Regards, Lee _________________________________________________________________Download ringtones, logos and picture messages from MSN Malaysia http://www.msn.com.my/mobile/ringtones/default.asp
-------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- snort tamandua or prelude ids Lee Sheng (Aug 06)
- Re: snort tamandua or prelude ids Olaf Gellert (Aug 09)