http://com.pp.asu.edu/support/nmc/nmcdocs/nmc.html

he didn't get to finish it, but it's pretty much all there

we have a box doing this at work. i'll be setting up a box here to do the
same thing and tie it into bb, which is something plan on doing at work one
day.

our IDS system is on a 'special' port...it goes straight to the router for
the building, so we scan everything coming in/out of the building, but not
stuff within the building. it runs on caldera open linux on a 486 dx2-50
with 32m RAM and a few 850M hdds. here at home though, my box will be
running netbsd instead of linux...just a personal preference  <g>

marco

-----Original Message-----
From: plug-discuss-admin@lists.PLUG.phoenix.az.us
[mailto:plug-discuss-admin@lists.PLUG.phoenix.az.us]On Behalf Of Kevin
Brown
Sent: Thursday, October 12, 2000 8:58 PM
To: plug-discuss@lists.PLUG.phoenix.az.us
Subject: Security Programs


I have been doing some research for my job looking at a few different
packages
regarding intrusion detection and system integrity.  I'd like some opinions
regarding some of the packages I have seen and looked at to date.  The first
is
Snort (www.snort.org).  It is a NIDS program for detecting attacks on a
network.  The other is Tripwire (www.tripwire.com).  It is a system
integrity
checker that keeps track of changes to files on a system.

Both these programs are multi platform which is what I need for the
environment
into which they will be implemented.  Does anyone have any pros/cons to
these
programs or suggestions for ones they consider better and why.  The programs
have to be able to run on Linux (x86, alpha, sparc, etc...), Solaris (x86
and
sparc) and possibly HP-UX.

________________________________________________
See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post
to the list quickly and you use Netscape to write mail.

Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss