Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: IDS, EDS...

IDS, EDS... 13 years 9 months ago #452

What IDS (Intrusion detection software) and EDS (exploit detection software) is used and is recommended by forum members?

Thanks in advance
The administrator has disabled public write access.

IDS, EDS... 13 years 4 months ago #453

  • James1830
  • James1830's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Karma: 0
I've had good luck with a product called "Snort". It has a nice web interface called "Acid" that makes quick checks a breeze.
The administrator has disabled public write access.

Re: IDS, EDS... 13 years 2 months ago #817

  • sahirh
  • sahirh's Avatar
  • Offline
  • Honored Member
  • Posts: 1700
  • Karma: 0
As a network based intrusion detection system, snort is considered the best
www.snort.org

As a host based IDS, I use tripwire for file integrity checking.

I'm not sure what an EDS is, could you elaborate or point out the difference..
Though I would recommend some tool that regularly scans logfiles, for example CERT has a tool that scans logs for traces that log cleanup tools leave -- an instant indication that you've got a problem. There are lots of automated log scanners out there for all platforms.

Sahir
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
The administrator has disabled public write access.

Re: IDS, EDS... 13 years 2 months ago #826

  • Manip
  • Manip's Avatar
  • Offline
  • Frequent Member
  • Posts: 50
  • Karma: 0
If you have a windows machine then BlackIce isn't bad..... Although snort isn't hard to setup, blackice is like setting up any other windows firewall (piss easy)
The administrator has disabled public write access.

Re: IDS, EDS... 13 years 2 months ago #828

  • tfs
  • tfs's Avatar
  • Offline
  • Expert Member
  • Posts: 521
  • Karma: 0
Couldn't recommend one as I haven't used one myself. It mainly seems to deal with email security. The following link seems to be the same explanation of it. I looked at a couple of other links and they are the same article. GFI seems to be the main company that deals with it. How good it is I couldn't tell you.

www.gfi.com/mailsecurity/wpexploitengine.htm
Thanks,

Tom
The administrator has disabled public write access.

Re: IDS, EDS... 13 years 1 month ago #944

  • sahirh
  • sahirh's Avatar
  • Offline
  • Honored Member
  • Posts: 1700
  • Karma: 0
Blackice the firewall sucked pretty bad, in fact it even failed leaktest (www.grc.com) i don't know about blackice IDS and its capabilities. I know that sygate personal firewall has some rudimentary IDS capability.. it picks up on known attacks.
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
The administrator has disabled public write access.
  • Page:
  • 1
  • 2
Time to create page: 0.083 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup