Results 1 to 5 of 5

Thread: Eagle X v2.0 Available

  1. #1
    Senior Member
    Join Date
    Aug 2002
    Posts
    651

    Eagle X v2.0 Available

    Here's another one - packaged together for ease of implementation. Never tried it, but I'd be interested in hearing what you guys think of it - for those that have used it.

    Eagle X v2.0, a pre-configured IDS system for Windows platform, is out
    on http://www.engagesecurity.com.
    It includes free software and a configuration tool will help you to
    adapt it to your host/network environment very easily.

    Product page: http://www.engagesecurity.com/products/idscenter
    Download: http.//www.engagesecurity.com/downloads

    What's new compared to Eagle X 1 ?

    Snort 2.0 is used and PHP was updated to 4.3.2, IDScenter 1.1 RC3 is
    included also. Snort is still installed as Windows service and IDScenter
    is used
    to manage and configure it. Online update feature is activated by
    default using Oinkmaster from Andreas Östling.

    IDScenter 1.1 RC3 has now an threaded AlertMail function and can also
    send reports from the database server:
    you only have to provide the queries in your template mail message or
    use the standard SQL queries of IDScenter.
    The HTML output can also be generated locally to a file using a
    template. The viewer can be choosed of course (Internal log viewer /
    Standard browser / Other browser software).

    Software included (Credits are give online on
    http://www.engagesecurity/products/eaglex)
    Snort 2.01 Build 88
    IDScenter 1.1 RC3
    Apache 1.2.27
    PHP 4.3.2
    MySQL 3.23.55
    ACID 0.9.6b23
    JPGraph 1.9.1
    Oinkmaster 0.8 Win32 (modificated, Original script by Andreas Östling) WinPCAP 3.0 final
    Opinions are like holes - everybody\'s got\'em.

    Smile

  2. #2
    Senior Member
    Join Date
    Aug 2002
    Posts
    547
    For what i read in the web page that displays the information and the snapshoots it seems to be a very complete IDS System for windows. I would also like to recommend Eeye Retina Network security Scaner , i worked with that program . you can customize the audits like in many others and it has a nice GUI and many other cool options, the problem is the price.
    http://www.eeye.com/

    I will try Eagle X v2.0 and return with some feedback

  3. #3
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    Yes, eEye retina reminds me of nessus for windows. It is a nice program, but also $$.

    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  4. #4
    Senior Member
    Join Date
    Mar 2003
    Posts
    372
    I have used IDS Center before, which was the predecessor to Eagle X and it was ok. It was kind of clunky and hard to configure correctly, and most of the documentation was in French not English so that made things difficult.

    But looking at Eagle X 2.0 it seems pretty cool. I have a spare MS box sitting around that needed to have something done with it, so I will download Eagle X 2.0, configure it on that machine, and then write a review of it in a couple of weeks. I'll post a link to the new thread I create in this thread.

    Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.

  5. #5
    Senior Member
    Join Date
    May 2003
    Posts
    115
    actually all the documentation is done by eclipse from engagesecurity, and they're written in english. ueli is a major contributor to the ids arena supporting snort, and eagle is wrapped up with apache, mysql, php, snort with idscenter. i configured this box pretty quickly. really nice configuration...

    they also have engage packet builder for testing various tcp/upd/icmp for testing.

    what was the post about retina? retina is a va not an ids. although eeye is packaging some programs like ids, but not the true form. like iris has a function called the guard where it actually act as a packet sniifer/static filter... just my .02

    -w0rm3y

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •