General discussion

Locked

Intrusion Detection System - NT4 Server

By RCC ·
Hi
I need to install an IDS on my 3 Internet connected hosts running NT 4 and Proxy 2 (latest SPs).I have been contemplating Cybercop from NAI but the product will not be ported to win2K. I'm looking for a product that will allowed (with single or multiple modules) for network-based IDS (packet filtering, scans, dDos), host-based IDS (file-integrity, daemon exploits, logins) as well as full NT security auditing-IDS (failed logins, attempts to access restricted resources, etc). I know this isthe dream-world, but CyberCop was doing it.
I had a look at NetworkICE, ISS, Centrax and a few more). None of these will do ALL i want, and the pricing is...not for the real world.
I'm contemplating building a Linux box with SNORT, but this willdo half of the job. I would like your opinions on this matter. I open to different product for different segments of the job.
Thank you in advance.
Regards,
Radu

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Intrusion Detection System - NT4 Server

by jay In reply to Intrusion Detection Syste ...

I suggest you use SNORT on Linux box. I
implement one Linux box for syslog server,
full monitoring with MRTG and full monitoring
with SNORT.
This box was monitoring 5 subnet (/2

Collapse -

Intrusion Detection System - NT4 Server

by RCC In reply to Intrusion Detection Syste ...

Thank you for the comment.

Collapse -

Intrusion Detection System - NT4 Server

by RCC In reply to Intrusion Detection Syste ...

This question was closed by the author

Back to Security Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums