General discussion

Locked

Alternative solution for IDS?

By jchou714 ·
Without an Intrusion Detection System, is there any other way to achieve what the IDS might provide?

Thank you!

Jessica

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Alternative solution for IDS?

by Pokhylchenko In reply to Alternative solution for ...

The exact answer is NO. But if the reason for question is $price$ of commercial IDS's (Cisco, etc.), then I'd suggest to take a look at SNORT, this is freeware under any free Unix.

Collapse -

Alternative solution for IDS?

by jchou714 In reply to Alternative solution for ...

The reason is about time frame and sort of about considering the budget. We are evaluating the IDS and try to find what is the best for us. However, before the IDS implementation completes, is there any actions we should take first?

Thank you.Jessica

Collapse -

Alternative solution for IDS?

by Pokhylchenko In reply to Alternative solution for ...

Before implementing IDS you might as well strenghten firewalling. BTW, in Cisco routers there is small IDS feature in firewalling part. It can be enough for you.

Collapse -

Alternative solution for IDS?

by jchou714 In reply to Alternative solution for ...

Hi! Thank you for your reply. Below is something I found at cisco's web site. So, I would like to know whether it was saying something that could be really implemented with Cisco PIX?
quote
The integrated intrusion-protection capabilities in Cisco PIX Firewalls protect today's networks from many popular forms of attacks, including Denial-of-Service (DoS) attacks and malformed packet attacks. Using a wealth of advanced intrusion-protection features, including DNSGuard, FloodGuard, FragGuard, MailGuard, and TCP intercept, in addition to looking for more than 55 different attack "signatures," Cisco PIX Firewalls keep a vigilant watch for attacks, can optionally block them, and can notify administrators about them in real time. Additionally, Cisco PIX Firewalls support virtual packet reassembly, searching for attacks that are hidden over a series of fragmented packets.
unquote

Thank you

Collapse -

Alternative solution for IDS?

by LordInfidel In reply to Alternative solution for ...

Sort of, but it depends on what you are looking for.

If these are 2K machines that you are monitoring, you can monitor the event logs.

http://tinyurl.com/52kj is the latest 2k security guidlines released. It has a tool in it for monitoring the event logs from mulitple locations.

Other then that, snort is free and so is tripwire.

Collapse -

Alternative solution for IDS?

by jchou714 In reply to Alternative solution for ...

Poster rated this answer

Collapse -

Alternative solution for IDS?

by jchou714 In reply to Alternative solution for ...

This question was closed by the author

Back to Security Forum
7 total posts (Page 1 of 1)  

Related Discussions

Related Forums