Hi!
I'm searching for an Intrusion Protection System... I used the IPS from Tiny Software (included in Tiny Firewall 5) now i'm searching for a new one.. can you help me ?
The X
Full Version: I Need An Ips
Take a look at this site:
http://www.all-internet-security.com/intrusion_detection/
I hope it gives a little help.
Bye,
sysadmin
http://www.all-internet-security.com/intrusion_detection/
I hope it gives a little help.
Bye,
sysadmin
hmm ok.. its a large list 
thx
thx
Surprised I didn't see snort on the list. (http://www.snort.org) check that out - I've had a lot of success with it in Linux and the windows port is supposed to be decent.
I've also used the GFI LANGuard which is on the list linked above, and it seems alright, although kinda bloated.
I've also used the GFI LANGuard which is on the list linked above, and it seems alright, although kinda bloated.
I personally use Snort (on a win2k3 box), and I'm really quite happy with it. It's not meant for a newbie, that's for sure though...
hmm i also suggest snort (the best one around!!) imo.
h11p://www.datanerds.net/~mike/snort.html
that link is for the win32 ported version as the original one is *nix
Greetz
h11p://www.datanerds.net/~mike/snort.html
that link is for the win32 ported version as the original one is *nix
Greetz
I would consider snort an Itrusion Detection System not an Intrusion Prevention System. Snort does nothing to stop the attacks.
True enough. How does an IPS differ from a firewall then?
Or are we talking about an IDS that dynamically configures a firewall?
Or are we talking about an IDS that dynamically configures a firewall?
| QUOTE (Maffuster @ Jan 13 2004, 07:44 PM) |
| True enough. How does an IPS differ from a firewall then? Or are we talking about an IDS that dynamically configures a firewall? |
my understanding is that an IPS is like and IDS that automatically shuts down traffic once an "attack" is detected. it's "active" where an ids is passive. the problem is of course false-positives generated by the IDS could lead to an unwanted stopping of traffic.
I guess we could get into a long debate here about IPS vs IDS and active vs passive and the annoyance of false-positives, but that won't get us anywhere.
I found an interesting article about using honeypots in place of IDS for detection: http://www.securityfocus.com/infocus/1690
while again this is a limited method and won't actively block possible attacks like an IPS would, it's yet another option.
Checkmate is the only only Intrusion Protection System i have ever used and i loved it. I miss my T2 connection at home. 
its not worth having for my current connection.
its not worth having for my current connection.
First of all why you need an IDS system ( are you a corporation or a home user ? )
It is very important the answer of this question because based on it it is posible to define an IDS arhitecture. ( IDS are quite different depend of what you need and what you want ).
It is very important the answer of this question because based on it it is posible to define an IDS arhitecture. ( IDS are quite different depend of what you need and what you want ).
thanks sysadmin for the site
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
