On Tue, 2003-11-11 at 02:48, Chase Jeffery D wrote: > Hi everyone, Just wondering what Network intrusion detection software > is the best. I've heard the main two programs to use would be Snort > or Prelude and am wondering which of the two gives you more > flexibility(configuration) and better detection/reporting? > > Thanks for your help, > Jeff
I find prelude generates more data (ie: more things to decide on if it's something bad is really happening or if it's just a "hickup") then snort. Prelude is also a architecture/framework so you can correlate IDS data from NIDS, logs etc while snort is just a NIDS. Stay tuned, I am expecting to put newer builds in portage this week. Send me a ping privatly at [EMAIL PROTECTED] (or mboman on irc.freenode.org, usually on #prelude, #gentoo-hardened, #gentoo-dev, #snort and #snort-gui) if you want to become a pre-beta tester of my ebuilds. Of course others are welcome to apply for the pre-beta post as well ;) Best regards Michael Boman -- Michael Boman Security Architect, SecureCiRT Pte Ltd http://www.securecirt.com
signature.asc
Description: This is a digitally signed message part