[ossec-list] Re: Snort vs. OSSEC

[Jorge Augusto Senger <jorge@xxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Marty,

There's a good explanation about network and host based IDS here:

http://www.snort.org/docs/iss-placement.pdf

Jorge

Marty E. Hillman escreveu:
> I am not trying to start a flame war here - just trying to get a better
> sense of direction no how to best protect my network.  Does anyone know
> what the advantage to using OSSEC HIDS over Snort is?  
> 
> I have been playing with OSSEC quite successfully for the past week in a
> demo environment, but it seems to have stopped sending email alerts
> sometime last evening.  I thought since I would have to do a bunch of
> rebuilding that I might give other products a shot.
> 
> I need to monitor Windows and Cisco devices and like the aggregation of
> data and alerting functions within OSSEC.  Does anyone have experiences
> with other products that they would be willing to share?
> 
> Marty
> 
> 
> 
> This electronic mail (including any attachments) may contain information that 
> is privileged, confidential, and/or otherwise protected from disclosure to 
> anyone other than its intended recipient(s). Any dissemination or use of this 
> electronic email or its contents (including any attachments) by persons other 
> than the intended recipient(s) is strictly prohibited. If you have received 
> this message in error, please notify us immediately by reply email so that we 
> may correct our internal records. Please then delete the original message 
> (including any attachments) in its entirety. Thank you.
> 
> 
> 

- --


Jorge Augusto Senger
Gerência de TI
jorge@xxxxxxxxxxx
42 32252888 / 84015330




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFE+4ZO+4ZieRTShIMRAijJAKC+hcAPFVeaitKk2Ziae1CyVXcUDACfQmsd
qpc7035Lton1yjz6fIMDSGE=
=1+ei
-----END PGP SIGNATURE-----