I do believe it is in the best interest of the Cisco engineers to also push
their products.
-Original Message-
From: Kent Hundley [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 14, 2003 10:35 AM
To: [EMAIL PROTECTED]
Subject: RE: Snort versus Cisco IDS [7:62939]
The term "team
> I've also had trouble with RedHat...with Snort as well as other apps. I
> switched to FreeBSD and have been very pleased so far.
Interesting... I'll give that a try... thanks mate!
JR
--
Johnny Routin
)?)
-
""Craig Columbus"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PRO
: Friday, February 14, 2003 12:56 AM
To: [EMAIL PROTECTED]
Subject: RE: Snort versus Cisco IDS [7:62939]
The thing that makes SNORT so powerful is the attack rules which are
updated almost daily. Also, you can not beat the price. Simply find an
unused PC, install Linux and install Snort. The software
.ins.com
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Paul
Borghese
Sent: Friday, February 14, 2003 12:48 AM
To: [EMAIL PROTECTED]
Subject: RE: Snort versus Cisco IDS [7:62939]
Do not forget about the open source scanner Nessus (www.
lto:[EMAIL PROTECTED]]
> > Sent: Thursday, February 13, 2003 4:39 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Snort versus Cisco IDS [7:62939]
> >
> >
> > On Thu, 2003-02-13 at 00:06, Priscilla Oppenheimer wrote:
> > > Someone told m
: Thursday, February 13, 2003 5:06 AM
Subject: Snort versus Cisco IDS [7:62939]
> Someone told me in an authoritative voice today that Cisco doesn't
recommend
> their IDS. They recommend Snort. Is this really true? Isn't Cisco's IDS a
> big part of SAFE?
>
> Of
4:39 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Snort versus Cisco IDS [7:62939]
>
>
> On Thu, 2003-02-13 at 00:06, Priscilla Oppenheimer wrote:
> > Someone told me in an authoritative voice today that Cisco doesn't
> recommend
> > their IDS. They recommend Snort. Is
. Never forget Rules 1 & 2.
-Original Message-
From: Kent Hundley [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 4:39 PM
To: [EMAIL PROTECTED]
Subject: Re: Snort versus Cisco IDS [7:62939]
On Thu, 2003-02-13 at 00:06, Priscilla Oppenheimer wrote:
> Someone told m
ACID (http://acidlab.sourceforge.net/) or SnortSnarf.
Paul Borghese
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Will Gragido
Sent: Friday, February 14, 2003 12:02 AM
To: [EMAIL PROTECTED]
Subject: RE: Snort versus Cisco IDS [7:62939]
Not to mention the
]
Subject: RE: Snort versus Cisco IDS [7:62939]
comments in-line:
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 12, 2003 9:06 PM
To: [EMAIL PROTECTED]
Subject: Snort versus Cisco IDS [7:62939]
Someone told me in an authoritative voice today that
PTSS CCDA MCP
9450 W. Bryn Mawr Ave.
Suite 325
Rosemont, Il 60018
www.ins.com
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Kent
Hundley
Sent: Thursday, February 13, 2003 3:39 PM
To: [EMAIL PROTECTED]
Subject: Re: Snort versus Cisco IDS
On Thu, 2003-02-13 at 00:06, Priscilla Oppenheimer wrote:
> Someone told me in an authoritative voice today that Cisco doesn't
recommend
> their IDS. They recommend Snort. Is this really true? Isn't Cisco's IDS a
> big part of SAFE?
>
Whomever told you this:
1) Is extremely naiive (one Cisco eng
I've also had trouble with RedHat...with Snort as well as other apps. I
switched to FreeBSD and have been very pleased so far.
At 06:32 PM 2/13/2003 +, you wrote:
>I've been having trouble with Snort on Red Hat and I've searched high and
>low and can't find a resolution. My alert file grows
IL PROTECTED]]
Sent: Thursday, February 13, 2003 12:20 PM
To: [EMAIL PROTECTED]
Subject: RE: OT Re: Snort versus Cisco IDS [7:62939]
Thanks for all the replies. It's very helpful to get a feel for the
differences. To quickly synthesize what I've read, I would say that
Cisco's
IDS is
I've been having trouble with Snort on Red Hat and I've searched high and
low and can't find a resolution. My alert file grows to 2GB very quickly and
then crashes the process. I've seen one or two mentions of this same issue
in NG searches but haven't found a resolution. So like someone already sa
Cisco IDS [7:62939]
Thanks for all the replies. It's very helpful to get a feel for the
differences. To quickly synthesize what I've read, I would say that Cisco's
IDS is an enterprise, end-to-end solution, with improving reliability and
ease-of-use. Snort, on the other hand, is more
ct: RE: OT Re: Snort versus Cisco IDS [7:62939]
Thanks for all the replies. It's very helpful to get a feel for the
differences. To quickly synthesize what I've read, I would say that Cisco's
IDS is an enterprise, end-to-end solution, with improving reliability and
ease-of-use
There is a windows port of Snort, but I've never used it, so I can't tell
you much about it from personal experience.
Those I know who've tried it usually recommend sticking with Unix.
Your mileage may vary, but you might have an easier time getting snort
running on FreeBSD since there's a very
Thanks for all the replies. It's very helpful to get a feel for the
differences. To quickly synthesize what I've read, I would say that Cisco's
IDS is an enterprise, end-to-end solution, with improving reliability and
ease-of-use. Snort, on the other hand, is more appropriate for the midsize
or sma
There are also some very nice prebuilt Snort sensors with a GUI from the
following vendors.
www.sourcefire.com
www.silicondefense.com
www.packetalarm.com
I have had the opportunity to evaluate and configure products from all
three, and they have done an excellent job of bringing Snort to the mas
Backing up what Craig said, Snort is probably better performing in
terms of cost/performance than almost all the IDSes out there,
including Cisco. It does not have a end to end solution to make
one's life easier though, at least not out of the box.
Of course, you will need some sort of a unix
comments in-line:
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 12, 2003 9:06 PM
To: [EMAIL PROTECTED]
Subject: Snort versus Cisco IDS [7:62939]
Someone told me in an authoritative voice today that Cisco doesn't recommend
thei
Having installed and worked with both products, I think that Cisco's
offering is more comprehensive, but Snort is highly reliable and much
cheaper.
It doesn't have some of the features of the Cisco product (dynamic
shunning), but for most small to medium sized businesses (like the kind I
work wi
I have to concur with Anan with how nice the new interfaces are to
maneuver. Last week I had the pleasure of taking the new IDS course version
3.0 and had a chance to work with the parts. They were fairly easy to learn
and produce results. If you only have a few sensors the IEV (IDS Event
Viewer
I work on most of Cisco IDS devices. At the beginning, when the ids was just
new, you could only operate it from the Director which need as u know HP
open view and Unix machine which was not easy compared with other IDS. Then
Cisco came out with the CSPM 2.3 which in my opinion was really a headach
Someone told me in an authoritative voice today that Cisco doesn't recommend
their IDS. They recommend Snort. Is this really true? Isn't Cisco's IDS a
big part of SAFE?
Of course, the person who said this doesn't understand that Cisco is a huge,
chaotic organism, and that saying Cisco does somethi
26 matches
Mail list logo