Penetration Testing mailing list archives
RE: OSSIM Fedback
From: Mark Lists <markd_lists () yahoo de>
Date: Tue, 13 Jun 2006 16:55:05 +0200 (CEST)
I tried to use OSSIM in the past without much success. The installation was horrible and it lacked some of the options I wanted (like being able to easily modify the code and configure it for my company "special" requirements). Since our main concern was with log correlation (from syslog and snort) we ended up writting our own perl/php code to handle that. Lately we have been looking again for an open source SIM solution and we found OSSEC (ossec.net) to be a very good solution. It has a very good syslog correlation and it also supports snort and fw logs. On the negative side, it does not have a web interface (but we are doing that by ourselves). thanks. Mark --- Koolk3 <koolk3 () gmail com> schrieb:
Hello everyone, I have been following these lists for some time now and have seen some messages on OSSIM (www.ossim.net) [Open Source Security Information Management]. It seems like a great product but lacks documentation and reviews on the Internet. I am looking for some feedback on the usefulness and practicaility (interms or maintenance and configuration) of this software. I am mainly interested in OSSIM as a corelation tool / log analysis for now. But if it works well as an IDS I would like to propose this as an alternative to commercial IDS to the management. Has anyone tried the latest version of the product (0.9.9)? Any feedback on installation and usability would be great. I would be very much interested in hearing your success or horror stories with this. I have searched the web for 3rd party reviews on this. Haven't found much. So if you know of any please let me know. Thanks. KoolK3
------------------------------------------------------------------------
Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
__________________________________________________ Do You Yahoo!? Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz gegen Massenmails. http://mail.yahoo.com ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
Current thread:
- OSSIM Fedback Koolk3 (Jun 12)
- Re: OSSIM Fedback Stefano Zanero (Jun 12)
- Re: OSSIM Fedback Dominique Karg (Jun 13)
- RE: OSSIM Fedback Strand, John (Mission Systems) (Jun 13)
- Re: OSSIM Fedback Stefano Zanero (Jun 15)
- Re: OSSIM Fedback Dominique Karg (Jun 13)
- RE: OSSIM Fedback Mark Lists (Jun 13)
- Re: OSSIM Fedback Stefano Zanero (Jun 12)