Focus on IDS Mode:
(Page 1 of 199)  1 2 3 4 5 6 7 8 9 10 11  Next >
Re: Ideal IDS/IPS 2011-06-07
krymson gmail com
I'll take a stab!

I would say there are two sorts of audiences for IDS/IPS: Those who care and those who want it to run on its own with as little care and feeding as possible. For those that care, I'm not actually all that concerned about false positives as I think a good analyst team should alwa

[ more ]  [ reply ]
Re: Ideal IDS/IPS 2011-06-06
Nikhil Manampady (nikhil manampady paladion net)
> You can also check if the IDP has a NIC bypass feature which actually makes the IDP work as normal switch (no traffic monitoring) in case of a power failure.
> Thanks & Regards,
> Nikhil Manampady,
> Security Consultant,
> Paladion Networks.
> On Thu, Jun 2, 2011 at 8:50 AM, snort us

[ more ]  [ reply ]
Ideal IDS/IPS 2011-06-02
snort user (snort user gmail com) (1 replies)
What would we like to have in an ideal IDS/IPS system? I am not
restricting the list to existing approaches such as signature based,
anomaly based, statistical or specification based IDS. Just trying to
get the wish list sort of. Any feedback is much appreciated.

Low false negatives - maximize de

[ more ]  [ reply ]
Re: Ideal IDS/IPS 2011-06-06
Michal Zalewski (lcamtuf coredump cx)
pytbull, an IDS/IPS Testing Framework 2011-05-24
Sebastien Damaye (sebastien damaye gmail com)

I thought you might be interested in pytbull (

pytbull is an Intrusion Detection/Prevention System (IDS/IPS) Testing
Framework for Snort, Suricata and any IDS/IPS that generates an alert
file. It can be used to test the detection and blocking capabilities
of an

[ more ]  [ reply ]
Deployed Grid based Intrusion Detection System solutions?? 2011-05-09
Mayank.2.Bhatnagar (MBhatnagar ipolicynetworks com)
Hi all,

Just wanted to know which are the deployed and currently used Grid based IDS systems.
I have heard about some academic projects, but since could not get further updates, so positing here.

Distributed IDS systems, evolving to serve high computing and networked Grids, are they being trusted

[ more ]  [ reply ]
Re: host sensors needed? 2011-05-04
stcroix111 netscape net
As I am sure you could have predicted, my answer is that it depends. There are more security options available in a HIDS solution that you won't find when using the tools that you mention in your post such as being able to do behavioral analysis of the software executing on the server. For example,

[ more ]  [ reply ]
host sensors needed? 2011-04-20
Shang Tsung (shangtsung71 gmail com)
I know there is no clear answer to the below question, but I would
like to have some views and opinions.

We are considering whether to install Host IDS Sensors on webservers.
Having them is better security for sure. However, does the added
security worth the extra cost and burden to the server/netw

[ more ]  [ reply ]
Re: Installing Snort in Proventia GX 2011-04-08
susurros07 (susurros07 gmail com)
Hi All,

I have to quit my little project. I still think that its possible to
do it but i dont have the time to realize it.
Thanks for your interest.


On Fri, Apr 8, 2011 at 7:05 AM, Laurens Vets <laurens (at) daemon (dot) be [email concealed]> wrote:
> Hello,
>> I am thinking in install a new Linux Distribution in  a

[ more ]  [ reply ]
Installing Snort in Proventia GX 2011-04-05
sergio delgado (susurros07 gmail com) (2 replies)
Hi All,

I am thinking in install a new Linux Distribution in a Proventia IDS.
I don't find any documentation, have anyone tried?



P.D: Sorry about my english, i will thank you if you find any mistake.

Securing Yo

[ more ]  [ reply ]
Re: Installing Snort in Proventia GX 2011-04-06
Mark Teicher (mark teicher gmail com)
Re: Installing Snort in Proventia GX 2011-04-06
Laurens Vets (laurens daemon be)
New Tool: 'Patriot NG 2.0' 2011-02-23
Yago Jesus (yjesus security-projects com)
Patriot is a 'Host IDS' tool which allows real time monitoring of
changes in Windows systems and Network attacks.

Patriot monitors:
Changes in Registry keys: Indicating whether any sensitive key
(autorun, internet explorer settings...) is altered.
New files in 'Startup' directories
New Users in the

[ more ]  [ reply ]
[ISECOM-HACKERHIGH] Sharpen Your Security Skills! 2011-02-15
Pete Herzog (pete isecom org)

There are 2 new seminars available next month held at the Troopers
conference in Heidelberg, Germany, starting March 28.

"Smarter Safer Better" is for anyone, really anyone, who wants to
understand how the human mind works to make better trust and security
decisions. Think of it as the ulti

[ more ]  [ reply ]
New release of Unhide (2011-01-13) 2011-02-07
Yago Jesus (yjesus security-projects com)
Unhide is a forensic tool to find hidden processes and TCP/UDP ports
by rootkits / LKMs or by other hidden techniques.

// Unhide (ps)

Detects hidden processes. Six different techniques implemented:

- Comparing /proc vs /bin/ps output
- Comparing information gathered from /bin/ps with information

[ more ]  [ reply ]
(Page 1 of 199)  1 2 3 4 5 6 7 8 9 10 11  Next >


Privacy Statement
Copyright 2010, SecurityFocus