Snort mailing list archives
Re: Experience with snort-based IDS like PacketAlarm?
From: "Miles Carpenter" <miles_carpenter () hotmail com>
Date: Thu, 05 Jun 2003 06:47:53 +0000
Hi, has anybody of you any experience with PacketAlarm or other
snort-based IDS?
I have tried the trial version of PacketAlarm and now I'm interested
in other
snort-based IDS and what other people think about it. Eduardo Rodrigue
I know 2 products, Sourcefire and PacketAlarm. The advantage of these kind of products is that you don't need to worry about patches and updates for operating system, middleware like webserver, database, snort, ... Mostly they have much more features than pure snort (especially PacketAlarm). Because of the above and the easy configuration it is from a commercial point of view better to use PacketAlarm or Sourcefire than pure snort. The difference between PacketAlarm and Sourcefire is first of all the pricing. PacketAlarm costs < 5.000 Euro, Sourcefire I think $20.000 for the manager and $10.000 for the sensor. PacketAlarm is very powerful and has a really nice user interface with a sophisticated rule-editor and event viewer. Compared to PacketAlarm Sourcefire is close by the native snort configuration files. So the user needs more knowledge about the snort configuration options. Ciao Miles Carpenter _________________________________________________________________Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
------------------------------------------------------- This SF.net email is sponsored by: Etnus, makers of TotalView, The best thread debugger on the planet. Designed with thread debugging features you've never dreamed of, try TotalView 6 free at www.etnus.com. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Experience with snort-based IDS like PacketAlarm? Eduardo Rodrigue (Jun 03)
- Re: Experience with snort-based IDS like PacketAlarm? Patrick S. Harper (Jun 03)
- <Possible follow-ups>
- Re: Experience with snort-based IDS like PacketAlarm? Miles Carpenter (Jun 05)