Thanks a lot for your support! Sorry, but there are no direct intrusion detection capabilities in Sebek. Sebek provides the data that allows you to inspect and correlate the intrusions detected by other mechanisms, such as the Snort NIDS. Both tools run inside the GenIII Honeywall, and their data is automatically correlated in the internal MySQL database.