IDS mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Intrushield vs. ISS once more...

From: "Chris Brown" <chris () get-tuf com>
Date: Thu, 6 Jan 2005 08:54:54 -0000
Sure is, access to the central manager via a web browser.

-----Original Message-----
From: Jason [mailto:security () brvenik com] 
Sent: 06 January 2005 08:53
To: Chris Brown
Cc: focus-ids () securityfocus com
Subject: Re: Intrushield vs. ISS once more...



Chris Brown wrote:

Intrushield sends alerts to a central management server, Ethereal needs to
be installed on this.  Alerts are presented in a console and if you wish

to

drill down to view the captured packets Ethereal opens and is used to read
the packets.  During the install of the Intrushield manager software you
simply tell Intrushield the location of Ethereal.exe on your system.

So in answer to your Q, it is neither 1 or 2.



So you must have access to the central server in order to perform 
effective analysis? Is there not the concept of multiple people 
performing analysis?




--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: