But to send them it has to detect them right. My question is how is it detecting it. I managed to get something going now using the IP audit commands and am seeing some IDS warnings in the log such as ICMP.
I have snort systems running, but am just curious about the PIX abilities.
-----Original Message-----
From: BorisP_Maillistdude [mailto:[EMAIL PROTECTED]]
Sent: 17 September 2001 02:31
To: [EMAIL PROTECTED]
Subject: RE: Pix Intrusion Detection
PIX does only send events to IDS. Cisco has other products to take care of
IDS-business.
It wouldn't make much sense to run IDS on the same box as the firewall or
even worse... have the firewall do IDS (formerly named NetRanger for
example).
Have a look at the following page:
http://www.cisco.com/warp/public/cc/pd/sqsw/sqidsz/
Pix sends Syslog messages ... and that's it.
--------------------------------------
Boris Pavalec
Gesch�ftsf�hrer, VRP
Network / System Engineer MCSE & MCT
HCS - Highend Computing Systems AG
Hohlstrasse 216
CH-8004 Z�rich
Phone: + 41-1 240 29 50
Fax: + 41-1 240 29 59
eMail: [EMAIL PROTECTED]
--------------------------------------
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Johnston Mark
Sent: Monday, September 17, 2001 1:22 PM
To: [EMAIL PROTECTED]
Subject: Pix Intrusion Detection
Hi all,
Do you know if the pix 6.0 has built in IDS capabilities ? I'm looking at
the ip audit commands and am trying to figure out whats what. If it is can
you please send me an example. In the mean time I'm going to battle on.
Thanks
Mark
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
