[Dshield] IPS/IDS solutions--your opinions?
Harry Hoffman
hhoffman at ip-solutions.net
Wed Jan 23 21:07:38 GMT 2008
run cfengine/bcfg2/puppet on the machines... managing a single "class"
of machine becomes trivial.
Cheers,
Harry
CunningPike wrote:
> oinkmaster works for me...........
>
> CP
>
> Mar Matthias Darin wrote:
>> Hello,
>>
>> Pete Cap writes:
>>
>>> I love Snort but in my experience it doesn't scale well. Managing 150 Intrushield sensors is easy. Managing 150 Snort boxes...not so much.
>> Agreed. This has also been my biggest show-stopper as well. I manage way
>> too many machines to spend all day transfering sig files then logging in to
>> each of them to reset the IDS. I specifically look for software that I can
>> clusterize as it make my job a lot easier and faster.
>>
>> ---
>>
>> Logger: Taking control of system logs.
>> http://freshmeat.net/projects/slogger/
>> _________________________________________
>> SANS Security 2008 in New Orleans!! January 11-19 2008. Why freeze up north if you can be in New Orleans. http://www.sans.org/info/15826
> _________________________________________
> SANS Security 2008 in New Orleans!! January 11-19 2008. Why freeze up north if you can be in New Orleans. http://www.sans.org/info/15826
More information about the list
mailing list