For Dragon Sensor & Squire:

1- NIDS and HIDS, respectively.

2- Can be installed remotely using SSH. If you do it this way, the
installation is just as fast and easy as a local installation.

3- All Sensors and Squires on your network can be updated through the Dragon
Server interface. Through the graphical interface you can update all or some
of the IDSes at the same time. You can also edit the network configuration
files, and edit signatures remotely via the interface. Help for editing
signatures is built into the interface.

4- All of #3 is done through a TCP Blowfish tunnel. #2 would require SSH, of
course.

Is this what you were looking for?

-gary

-----Original Message-----
From: Talisker [mailto:TaliskerNETWORKINTRUSION.CO.UK]
Sent: Friday, January 19, 2001 12:03 PM
To: FOCUS-IDSSECURITYFOCUS.COM
Subject: IDS - Remote Install/update

Hi

Whilst working on the central console page I was wondering how many IDS can
be installed/updated remotely, ordinarily I try to do installs in situ, but
this week I installed BlackICE half way round the world via a satellite link
I was quite impressed with the speed and ease. Has anyone looked into this?
My questions are:
Is it HIDS or NIDS or Personal Firewall
Can it be installed remotely?
Can it be updated remotely?
Does the security of the remote host need to be reduced for the install, if
so how much, and in what way?

Any issues I've missed?

Andy
http://www.networkintrusion.co.uk
Talisker's Network Security Tools List
                    '''
                 (0 0)
  ----oOO----(_)----------
  | The geek shall |
  | Inherit the earth |
  -----------------oOO----
               |__|__|
                  || ||
              ooO Ooo
taliskernetworkintrusion.co.uk

The opinions contained within this transmission are entirely my own, and do
not necessarily reflect those of my employer.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]