Re: CRIME Does anyone have any tips on Intrusion Detection with Solaris?

From: Toby (toby@private)
Date: Thu Aug 08 2002 - 09:21:42 PDT

  • Next message: Toby: "Re: CRIME Legal info on carnivore"

    The classic IDS for Solaris is Emerald:
    http://www.sdl.sri.com/projects/emerald/
    
    But before I send out a ton of links, which do you want? HIDS or NIDS?
    There are a number of options for each. Axent/Symantec offers both a 
    Linux & a Solaris agent last I checked.
    
    t
    
    Shaun Savage writes:
    
    > I have designed my own NIDS system using snort, SELinux,  and my own GUI 
    > based on Mozilla XUL.  I have added snort into the TCP stack for better 
    > performance. Now I can filter packet before they get to snort.  This 
    > allows less work for snort.
    > 
    > Shaun
    > 
    > Eric Kornberg wrote:
    > 
    > >Thank you in advance.
    > >As a second choice - we could use Linux.
    > >
    > >
    > >
    > >Eric Kornberg - ViableLinks
    > >National Account Manager
    > >7409 SW Tech Center Drive
    > >Tigard, Oregon 97223
    > >(503) 670-8007 Voice
    > >(503) 639-0530 Fax
    > >(503) 407-7973 Cell
    > >ekornberg@private
    > >www.viablelinks.com
    > >
    > >
    > >
    > >----------------------------------------------------------------------------
    > >---------------
    > >VIABLELINKS is a reseller for HP/Compaq - IBM - Toshiba - Lexmark - Sony -
    > >Okidata and More.
    > >A Service Center for HP/Compaq - Toshiba - Dell - IBM - Lexmark and Okidata.
    > >With a Technical Services Department - Field to Enterprise Technicians
    > >----------------------------------------------------------------------------
    > >---------------
    > >
    > >
    > >
    > >  
    > >
    > 
    > 
    > 
    



    This archive was generated by hypermail 2b30 : Thu Aug 08 2002 - 10:35:38 PDT