Brian.WilsonBNSF.COM

• Next message: Jason Tackaberry: "Re: Intrusion Detection Logfile Software"
• Previous message: Ron Gula: "Re: Intrusion Detection Logfile Software"
• Maybe in reply to: Wally Hass: "Intrusion Detection Logfile Software"
• Next in thread: Jason Tackaberry: "Re: Intrusion Detection Logfile Software"
• Maybe reply: Wilson, Brian F: "Re: Intrusion Detection Logfile Software"
• Reply: Jason Tackaberry: "Re: Intrusion Detection Logfile Software"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I would suggest installing an actual IDS.

If your pocketbook is thin, you can go for the obvious no-cost solution of
Snort+aracNIDS?

Snort mixed with aracNIDS will allow you to do what you appear to be hinting
at in your message: Customizable Alerting.

http://www.snort.com
http://www.whitehats.com/ids/ids.html

Hope this helps,
Brian Wilson

-----Original Message-----
From: Wally Hass [mailto:whassNETWORKTHINKING.COM]
Sent: Tuesday, October 10, 2000 12:46 PM
To: FOCUS-IDSSECURITYFOCUS.COM
Subject: Intrusion Detection Logfile Software

Hello,
Does anyone know of any software that will parse your firewall/webserver
logfiles and alert you to any suspicious activity? I use Webtrends for
Firewalls, but find it fairly basic in this area. For example, I would like
to know if anyone tried to connect via PCAnywhere to my server.

It would also be nice if alerted you via e-mail.

Thanks,
Wally Hass
Network Thinking Solutions, Inc.

• Next message: Jason Tackaberry: "Re: Intrusion Detection Logfile Software"
• Previous message: Ron Gula: "Re: Intrusion Detection Logfile Software"
• Maybe in reply to: Wally Hass: "Intrusion Detection Logfile Software"
• Next in thread: Jason Tackaberry: "Re: Intrusion Detection Logfile Software"
• Maybe reply: Wilson, Brian F: "Re: Intrusion Detection Logfile Software"
• Reply: Jason Tackaberry: "Re: Intrusion Detection Logfile Software"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]