|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Composite Patterns
From: Greg Shipley (gshipley
NEOHAPSIS.COM)Date: Tue Nov 28 2000 - 10:03:28 CST
- Next message: Young, Mike: "Cisco and ISS RealSecure"
- Previous message: Jacob Martinson: "Re: Composite Patterns"
- In reply to: Jacob Martinson: "Composite Patterns"
- Next in thread: Jacob Martinson: "Re: Composite Patterns"
- Reply: Greg Shipley: "Re: Composite Patterns"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 28 Nov 2000, Jacob Martinson wrote:
> I am trying to find a decent NIDS that can detect fraggle, tfn, trinoo etc.
> Snort doesn't do composite patterns at this point and NetRanger requires
> that you run OpenView on the management console (as far as I can tell).
You can actually do two things with NetRanger to get rid of OpenView:
1. Deal with the alarms on the sensors themselves (they are text and
they just get pushed to the console anyway)
2. Use CSPM (Cisco Security Policy Manager - on win32)
For #2, however, I'm still trying to get it working. If/when the CSPM
guys get back to me I'll let you know. This might not really answer your
question though, in which case, ignore me.
:)
-Greg
- Next message: Young, Mike: "Cisco and ISS RealSecure"
- Previous message: Jacob Martinson: "Re: Composite Patterns"
- In reply to: Jacob Martinson: "Composite Patterns"
- Next in thread: Jacob Martinson: "Re: Composite Patterns"
- Reply: Greg Shipley: "Re: Composite Patterns"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]