Snort mailing list archives
RE: Demark PureSecure questions
From: "Nick Duda" <nduda () VistaPrint com>
Date: Fri, 5 Mar 2004 06:51:22 -0500
As I wrote to Sam directly, Puresecure sucks. At least when they offered the free "non commercial" version about 6-7 months ago. Why do i think it sucks? well its a snort box , so it does the job, and it has a decent interface....i think it sucks because of how puresecure hacked the traditional snort configuration up. Getting any normal snort add on or even doing basic configuration outside of the puresecure interface is horrible. Puresecure reads/merges the .rules into the snort.conf in the MySQL DB. This gave me numerous problems if I wanted to do any type of automated rule updates and script updates. I was always forced to modify the DB temp file , export the DB , make changes and restart the app. The only thing thats going for PureSecure is the interface.... its...well.... pretty (and thats all). However, I for one dont sit at a gui console watching stuff. I mean i have ACID going but purely for statistics. All other alerting and the likes I have dont via console or email. The cost to run PureSecure commericaly is huge also, when you can do the same thing with building it yourself. Also rule updating is only allowed via puresecure interface.... good luck trying to implement the current rules from snort.org directly if you run modified rulesets. - Nick _____ From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Ridlon, Michael Sent: Thursday, March 04, 2004 2:15 PM To: snort-users () lists sourceforge net Subject: Re: [Snort-users] Demark PureSecure questions Hate to tell you this Sam, but no one on here knows anything about Puresecure. I asked a question about it a few weeks ago and all I got was a smartass reply. Good luck, Mike On Thu, 2004-03-04 at 11:14, sam () neuroflux com wrote: Hello all. I am currently evaluating the Demarc Puresecure product, which appears to be a full featured centralized maangement interface for Snort. I was wondering if anyone else out there is using the product in a production environment, and if so, what are your experiences with it? Thanks! -Sam ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click <http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click> _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users <https://lists.sourceforge.net/lists/listinfo/snort-users> Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users <http://www.geocrawler.com/redir-sf.php3?list=snort-users>
Current thread:
- Demark PureSecure questions sam (Mar 04)
- Re: Demark PureSecure questions Ridlon, Michael (Mar 04)
- Re: Demark PureSecure questions Kristofer T. Karas (Mar 04)
- <Possible follow-ups>
- RE: Demark PureSecure questions Nick Duda (Mar 05)