GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
RE: Intrution Detection [7:67637] posted 04/29/2003
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


You did not specify which type of IDS you are looking at. A NIDS (network
IDS) or a HIDS (host IDS). Best practices say a mix of both. You also did
not specify if it was to be a single sensor or the network topology...ie..
DMZ etc. But be that as it may, you can pull it off pretty much on the cheap
with something like Tripwire for the HIDS and Snort (PureSecure) or the like
to get a clean package. If you really want to have some fun, toss a honeypot
into the DMZ to act as an early warning system :)

MikeS

www.packetattack.com


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=68220&t=67637
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to abuse@xxxxxxxxxxxxxx