Joined: Aug 14, 2003 Posts: 1699 Location: Mumbai, India.
Posted: Fri Oct 03, 2003 11:29 am Post subject:
As a network based intrusion detection system, snort is considered the best
www.snort.org [i think]
As a host based IDS, I use tripwire for file integrity checking.
I'm not sure what an EDS is, could you elaborate or point out the difference..
Though I would recommend some tool that regularly scans logfiles, for example CERT has a tool that scans logs for traces that log cleanup tools leave -- an instant indication that you've got a problem. There are lots of automated log scanners out there for all platforms.
If you have a windows machine then BlackIce isn't bad..... Although snort isn't hard to setup, blackice is like setting up any other windows firewall (piss easy)
Joined: Jul 22, 2003 Posts: 521 Location: Orange County, California
Posted: Fri Oct 03, 2003 9:27 pm Post subject:
Couldn't recommend one as I haven't used one myself. It mainly seems to deal with email security. The following link seems to be the same explanation of it. I looked at a couple of other links and they are the same article. GFI seems to be the main company that deals with it. How good it is I couldn't tell you.
Joined: Aug 14, 2003 Posts: 1699 Location: Mumbai, India.
Posted: Wed Oct 08, 2003 10:14 am Post subject:
Blackice the firewall sucked pretty bad, in fact it even failed leaktest (www.grc.com) i don't know about blackice IDS and its capabilities. I know that sygate personal firewall has some rudimentary IDS capability.. it picks up on known attacks. _________________ Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
http://tftfotw.blogspot.com
View next topic View previous topic
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You can attach files in this forum You can download files in this forum
