IDS mailing list archives
RE: Experience security-information-management
From: José Luis Jerez <jljerez () telefonica net>
Date: Thu, 17 Nov 2005 07:55:16 +0100
Hi, OSSIM is a distribution of open source products that are integrated to provide an infrastructure for security monitoring. OSSIM aims to unify network monitoring, security, correlation and qualification in one single tool. Using Snort, Acid, Mrtg, NTOP, OpenNMS, nmap, nessus and rrdtool. The user have full control over every network or security aspect. http://www.ossim.net/ Jose Luis -----Original Message----- From: klaus.dombrofsky () degussa com [mailto:klaus.dombrofsky () degussa com] Sent: lunes, 14 de noviembre de 2005 10:18 To: focus-ids () securityfocus com Subject: Experience security-information-management Hi folks, Has anyone already experiences with a security-information-tool like ArcSight/Open Service or similar ? We plan to evaluate systems, which are able to read different logfiles ( ids, firewall, ..... ) to extract possible relations to find possible intrusion-trials. At the moment i see tons of logfiles, which can not be checked anymore and i cannot imagine that a tool is able to check these files AND is able to find valuable informations and relations. Maybe someone of you already has positive or negative experiences. Or there are important points, which should be checked in an evaluation. Klaus ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- Experience security-information-management klaus . dombrofsky (Nov 14)
- RE: Experience security-information-management etrust_scm (Nov 16)
- RE: Experience security-information-management José Luis Jerez (Nov 17)
- <Possible follow-ups>
- RE: Experience security-information-management mhellman (Nov 17)