[Dshield] Security in Layers

Dave Brookshire dsb at rlx.com
Wed Mar 24 18:54:31 GMT 2004

I recommend snort (http://www.snort.org).  It's powerful, and happily--free.  Commercial support is available if you're so interested.

-----Original Message-----
From: Graham Dodd [mailto:g.dodd at falk-ross.de]
Sent: Wednesday, March 24, 2004 12:01 PM
To: 'General DShield Discussion List'
Subject: [Dshield] Security in Layers

Hello all,

I want to add another layer to our network security and would appreciate
advice from the list.

Our setup is Cisco Router with appropriate ACL's, Linux firewall, DMZ for
mail server (running 2 x AV and SA), and webshop, and our internal network.

I would like to put a "box" on the internal network to watch for any
unauthorized activity, either someone who got through the outside, or a
worm doing it's dirty work from the inside.

My preference would be a Linux computer, but my main problem is I don't know
what software to run to provide the best detection. I don't want to start a
"mine is better than yours war" I would just like your experiences and
working solutions.

Thank you for any assistance,


Graham K. Dodd
Director of Operations
Falk & Ross GmbH

list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list

More information about the list mailing list