[Dshield] WINSNORT

DigitalNation dshield at digitalnation.ca
Fri Feb 24 18:53:10 GMT 2006


Thanks Sue!

By necessity we run some WIN32 boxes and need to have some form of packet
capture and analysis. This looks pretty stable from what I have heard.

Again, many thanks for your comment.

------------------
M. McBride
Security Admin
DigitalNation
Vancouver, Canada
 


-----Original Message-----
From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org]
On Behalf Of Sue Young
Sent: Thursday, February 23, 2006 11:18 AM
To: General DShield Discussion List
Subject: Re: [Dshield] WINSNORT


I run it successfully.  I run it as a service and use Base as a front end.
I'm seriously considering going with the professional RNA console but
running the free one is great for getting used to managing an IDS system.

Sue Young


-----Original Message-----
From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org]
On Behalf Of DigitalNation
Sent: Tuesday, February 21, 2006 3:29 PM
To: 'General DShield Discussion List'
Subject: [Dshield] WINSNORT

Here's a question from a somewhat new-to-this member. 
 
Is WINSNORT a stable IDS for WIN32? (http://www.winsnort.com) 
 
Can you install it on an existing server? (the install instructions say to
install on new OS). I assume that would be for a gateway IDS system. Will it
work on a standalone box?
 
Any info or experiences with this would be much appreciated.
 
------------------
M. McBride
Security Admin
DigitalNation
Vancouver, Canada
 
_________________________________________
Learn about Intrusion Detection in Depth from the comfort of your own
couch:
https://www.sans.org/athome/details.php?id=1341&d=1

_______________________________________________
send all posts to list at lists.dshield.org To change your subscription options
(or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list


Statement of Confidentiality
 
The contents of this e-mail message and its attachments are intended solely
for the addressee(s) hereof.   In addition, this e-mail transmission may be
confidential and it may be subject to privilege protecting communications
between attorneys or solicitors and their clients.  If you are not the named
addressee, or if this message has been addressed to you in error, you are
directed not to read, disclose, reproduce, distribute, disseminate or
otherwise use this transmission.  Delivery of this message to any person
other than the intended recipient(s) is not intended in any way to waive
privilege or confidentiality.  If you have received this transmission in
error, please alert the sender by reply e-mail; we also request that you
immediately delete this message and its attachments, if any.  Grosvenor
Capital Management, L.P. and its related entities reserve the right to
monitor all e-mail communications through their networks.



_________________________________________
Learn about Intrusion Detection in Depth from the comfort of your own couch:
https://www.sans.org/athome/details.php?id=1341&d=1

_______________________________________________
send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list





More information about the list mailing list