[Dshield] IPS/IDS solutions--your opinions?
Tom
dshield at oitc.com
Thu Jan 24 23:07:41 GMT 2008
At 6:06 AM -0600 1/24/08, Albert Gonzalez wrote:
>Another thing to mention the sourcefire appliances also have the
>ability to monitor and parse upto 8gb/sec with their beefier boxes
>(IS5800). Although I've also seem shops tune
>/modify OSS Snort to be able to handle gb/s.
We've done a number of snort configs for 1 and 2 Gbps links. They
work great. We've also config'd them to monitor and cut power to a
switch to insure exfiltration does not happen from highly sensitive
area nor does certain types of penetration.
Tom
--
Tom Shaw - Chief Engineer, OITC
<tshaw at oitc.com>, http://www.oitc.com/
US Phone Numbers: 321-984-3714, 321-729-6258(fax),
321-258-2475(cell/voice mail,pager)
Text Paging: http://www.oitc.com/Pager/sendmessage.html
AIM/iChat: trshaw at mac.com
The policy of relying on market forces that the Bush administration
claimed for seven years would propel broad access is irresponsible
and insufficient
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. Benjamin Franklin
More information about the list
mailing list