Hot Downloads

Welcome, Guest
Username: Password: Remember me


IDS 14 years 7 months ago #1154

  • pndennie
  • pndennie's Avatar
  • Offline
  • Frequent Member
  • Posts: 29
  • Karma: 0
I am looking to adding some intusion detection. I will be making it linux based. ANy ides on a good one to use? I have started looking at snort :shock:
The administrator has disabled public write access.

Re: IDS 14 years 7 months ago #1159

  • sahirh
  • sahirh's Avatar
  • Offline
  • Honored Member
  • Posts: 1700
  • Karma: 0
Heres a link to one of the other posts to the same question

As you can see, snort got the thumbs up as the network IDS :), you can also run tripwire over any important hosts you have (I'm sure theres a windows port of tripwire if you need it).

The art is in where you place it, lots of people think you can just point it at all incoming traffic right behind the router, but if you generate a sizeable amount of traffic you're gonna be loading down the IDS, and often they end up skipping packets because they're busy processing. Not to mention you'll probably get way more false positives this way.

Identify your crown jewels (as crude as that might sound) and position it to protect them best.

Sahir Hidayatullah. Staff - Associate Editor & Security Advisor
The administrator has disabled public write access.

Re: IDS 14 years 7 months ago #1190

  • tfs
  • tfs's Avatar
  • Offline
  • Expert Member
  • Posts: 521
  • Karma: 0
The nice thing about Snort is there are a few books that you can peruse at the bookstore on the program. Give you an idea on what is involved and whether you want to go in that direction.

Just sit down, kick back, have a brew (tea or coffee, I'm sure), and spend an hour checking it out.

The administrator has disabled public write access.
Time to create page: 0.122 seconds


Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup