Intrusion Detection Software

Discussion in 'other firewalls' started by doozaNET, Feb 22, 2005.

Thread Status:
Not open for further replies.
  1. doozaNET

    doozaNET Registered Member

    Joined:
    Feb 22, 2005
    Posts:
    2
    Location:
    Austria [Sbg]
    Hi all!

    First of all I've to say that I'm a newbie to security issues - I know some theory but hardly any experience.

    I've been told to look up and test an Intrusion Detection Software for our company.
    I'm accustomed to BlackICE (4 yrs ago) which I think is a great tool.

    Can you recommend me some tools? What about SNORT?

    Thanks for help and advice

    doozaNET
     
  2. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    two freebies: protowall and blocklist manager.
     
  3. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Snort is an open source intrusion detection system. Very powerfull, not really for newbies. Snort is regularly installed on linux systems (sometimes by default, as on the ipcop firewall system) and there is a Windows installer too.
    Lots of info at snort.org
     
  4. doozaNET

    doozaNET Registered Member

    Joined:
    Feb 22, 2005
    Posts:
    2
    Location:
    Austria [Sbg]
    Thanks for info - I'll have a look!
     
  5. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Another nice, distributed, open source IDS is prelude, although I don't quite get the correct status right now...
     
  6. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    www.puresecure.com

    Uses Snort, among many other nice features it is simple to install and get running :D

    It is free for personal use...
     
  7. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,322
    Location:
    Philippines
    I've been using a combination of Snort, Apache, MySQL and BASE on a W2K machine for quit sometime. On the last site you will find a few installation guides for some of the most common BASE/Snort setups.
     
  8. Arup

    Arup Guest

    How bout the latest Peer Guardian 2, works nicely unlike Prowall which has huge problems loading its driver. Works with Blocklist Manager quite well.
     
  9. Dem0n

    Dem0n Guest

    The trouble with IDS is that not many people know how to conigure it properly, as the person up the top stated that they have relatively no expirience with IDS
    brings me to the following conclusion and advice. IDS is not for everyone and even those who it is meant for have to spend a lot of time configuring it, usually people will generally run IDS for 2 days before giving up and turning it off.

    I suggest that people run a firewall an AV and an anti-spyware application, which with some common sense will steer you clear of most nasty's.


    Thanks
     
Loading...
Thread Status:
Not open for further replies.