Information about Security

Networking/Security Forums -> Firewalls // Intrusion Detection - External Security

Author: SECINT PostPosted: Tue Mar 30, 2010 11:46 am    Post subject: Information about Security
    ----
Hello everyone,

It's been several days that I am researching the IDS / IPS (intrusion detection / prevention system) and this is the software for me so lot:

SNORT -
-PRELUDE
BRO -
OSSEC -
OSSIM -

My question:

What is for you the most comprehensive tools to detect an intrusion and then act on the attack?

Have you ever experience with these tools and there are there other more interesting?

Thank you in advance for your reply

Author: gnix PostPosted: Mon Apr 05, 2010 8:38 am    Post subject:
    ----
Snort is the de facto standard for IDS/IPS. As any security professional will tell you, Snort is an excellent tool for real-time traffic analysis, packet logging, detection of attacks such as buffer overflows, and prevention of attacks.

gnix

Author: eladl PostPosted: Tue Apr 06, 2010 3:03 am    Post subject:
    ----
Snort is a great solution for an open source software you can set up on any server, though there are excellent hardward IDS/IPS available in the market.

OSSEC is more of an HIDS and is a great tool as well, but is configured localy on the server/host.

Whereas OSSEC is HIDS, Snort is NIDS (Network IDS) and operates at the network level.

Author: abrahamj PostPosted: Mon Sep 20, 2010 11:02 am    Post subject:
    ----
You try the Ax3soft Sax2, it is a professional network intrusion detection (IDS) and intrusion prevention system (IPS) to detect variety of attacks, including SQL inject attacks, worms, backdoor Trojans, ARP spoof, CGI/WWW attacks, DoS/DDoS, password guessing and so on.



Networking/Security Forums -> Firewalls // Intrusion Detection - External Security


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group