Focus on IDS
Setting up Arcsight/Tripwire Apr 07 2009 08:15AM
venkatesh selvaraju gmail com (2 replies)
Re: Setting up Arcsight/Tripwire Apr 07 2009 10:10PM
Randal T. Rioux (randy procyonlabs com) (2 replies)
Re: Setting up Arcsight/Tripwire Apr 08 2009 07:21PM
Mike Lococo (mikelococo gmail com)
Re: Setting up Arcsight/Tripwire Apr 08 2009 07:20PM
Aseem Kumar (kumaraseem gmail com) (1 replies)
Is SPLUNK also similar to ArcSight, as it also captures different logs
and provides reports.
If they both are similar....then which one is better suited in terms
of easy implementation/configuration.

Regards
Aseem

On Wed, Apr 8, 2009 at 3:40 AM, Randal T. Rioux <randy (at) procyonlabs (dot) com [email concealed]> wrote:
>
> On Tue, April 7, 2009 4:15 am, venkatesh.selvaraju (at) gmail (dot) com [email concealed] wrote:
> > Dear All,
> >
> > I was wondering if anyone has any standard rules and policies which can
> > be instantly deployed & added to Arcsight ESM for monitoring Windows,
> > UNIX, database and network devices. I understand the rules vary and are
> > specific to the OS and n/w devices. We have to setup the rules and
> > commission Arcsight in our company. If anyone has prior hands-on using
> > Arcsight or if you have any literature, please share.  Also, if you have
> > any docs on how to setup rules on Tripwire tool for file integrity
> > checking please share the information. Thank you in advance.
>
> ArcSight doesn't so much depend on rules, like an IDS. The agents just
> grab log/event data and the main engine fondles it to make pretty charts
> and correlations. The real benefit is in writing/modifying policies to get
> you the info you want. Write me offlist if you'd like help with anything
> ArcSight.
>
> As for Tripwire, that very much depends on your environment. Here is a
> good tutorial:
>
> http://www.linuxjournal.com/article/8758
>
> Also, if you haven't already implemented Tripwire, give Osiris and Samhain
> a look.
>
> Randy
>
>
>
>

--
Love enables you to put your deepest feelings and fears in the palm of
your partner's hand, knowing they will be handled with care.

[ reply ]
RE: Setting up Arcsight/Tripwire Apr 08 2009 08:54PM
David Henning (David Henning hughes com)
Re: Setting up Arcsight/Tripwire Apr 07 2009 04:26PM
Paul Schmehl (pschmehl_lists tx rr com) (2 replies)
Re: Setting up Arcsight/Tripwire Apr 18 2009 03:05PM
Stephen Mullins (steve mullins work gmail com)
RE: Setting up Arcsight/Tripwire Apr 08 2009 04:48PM
Rivera, Angel L. (arivera mitre org)


 

Privacy Statement
Copyright 2010, SecurityFocus