Brian, We can both justify and afford a commercial IDS but choose Snort. What do see as drawbacks to Snort?
Do you have a connection to the Internet? If so, what makes you think you don't need an IDS? Get Snort up and running. You might be surprised. We're running Snort on a Sun 220R. I think I prefer it on Unix, not on an NT/2K box. Well, enough of my mindless rabble... Ken >>> "Brian Zeitz" 06/14/02 03:02PM >>> I read that the 2600 router (or definitely higher model routers) have IDS built in, but if you bought any Pix Firewall it wouldn't have IDS. Am I mistaken on this? So the most people who want IDS who cannot afford / justify (just yet) and IDS box are using Snort? I have a pix 515UR, and if I read correctly, it has the capabilities to interface to an IDS box, but it is not an IDS box itself. Also, if I use Snort as an IDS, will the pix be able to recognize it? Maybe Microsoft will come out with a tool of this nature, which is free (not really free, but included with OS) like some of the built in components in 2000. [snip] I found a document that will allow me to install Snort on Windows 2000, that is my current plan for implementing IDS. Can anyone give me the pros and cons of Snort Vs. Cisco IDS system? What other alternatives should I be looking at. My company does not really need an IDS as of yet, but I am doing this just for fun and for learning about security/IDS. Hope my pro-Microsoft attitude is OK in the group. I like working on routers and security, and don't spend a lot of time tweeking around with Operating Systems. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46648&t=46639 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]