Page 2 of 2 FirstFirst 12
Results 11 to 13 of 13

Thread: cisco ids

  1. #11
    Senior Member
    Join Date
    Jul 2002
    wow. thanks bombay. i have 6509 and recently heard about those ids blades for them. i wasn't so sure about them myself, i would rather have a dedicated ids solution. i was thinking of the cisco ids solution as i am already using cisco routers, firewalls and switches. course, i know the beancounters would be happy for me to save some bucks on a cheap, reliable ids solution

    so..i've also been playing with snort, on a win box first, next i'll try it on a red hat box.

    the fun NEVER ends.....
    just making some minor adjustments to your system....

  2. #12
    Junior Member
    Join Date
    Jul 2002
    Nebulus: I did the testing on version 6. Although it wasn't amazing, it seemed to catch what it needed to at the time. The upgraded version is definitely better.

    Bombay: You're right. The IDS is only as good as the last update. Truth is, there's no substitute for having someone who understands the system monitor it regularly. Protocol anomaly is a good idea, but much like profiling and content filtering, it's going to generate a lot of false positives.

    IDS systems require a lot of tweaking and monitoring to work properly, even with only signatures in place. Protocol anomaly might just put it into the unusable category. I'd love to hear from someone whose actually set it up and used it for a while...

  3. #13
    Join Date
    Sep 2001
    Cisco's NIDS was never intended to be anything major and it couldn't be at any time. PIX was built without extensions in mind wich is plain stupid. They're attempt to fix it today is also plain stupid, it wont achive half what the OPSEC alliance has. They don't even have a protocol for intruder blocking to integrate with available NIDS as in the OPSEC's SAMP.

    Cisco stinks, their routers, switches and HA solutions are overcommed by Foundry and F5's kick-ass ****..

    --Chief TroubleMaker

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.