WebProWorld Part of WebProNews.com
Page One Link To Us Edit Profile Private Messages Archives FAQ RSS Feeds  
Forum Index Search Engines Marketing Site Design IT Discussion eCommerce Center  

Go Back   WebProWorld > Webmaster, IT and Security Discussion > Internet Security Discussion Forum
Reload this Page Intusion detection whats out there what is good
Subscribe to the Newsletter FREE!
Register FAQ Members List Calendar Arcade Chatbox Mark Forums Read

Internet Security Discussion Forum This forum is for the discussion of security related issues. If you find a new Phishing scheme, spyware, virus or malicious site - let us know about it. If any of the above found you... here's where you ask for help.

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 12-05-2005, 08:32 AM
netman4ttm's Avatar
WebProWorld Veteran
  

Join Date: Aug 2003
Location: Virginia
Posts: 386
netman4ttm RepRank 1
Default Intusion detection whats out there what is good
I am currently running Portsentry on a Centos 4 server. I have had several weeks of scans on port 445; someone must think Microsoft is in there somewhere. I am considering Snort 2.1 in place of Portsentry on all servers.
The problem.... before I leap I would like to know if there is an IDS that is better than Portsentry or Snort. Portsentry was my choice years ago, simply because the author of "Securing and Optimizing Linux" used it and detailed the setup.
__________________
"The future is here. It's just not evenly distributed.
Reply With Quote
  #2 (permalink)  
Old 12-05-2005, 12:59 PM
netman4ttm's Avatar
WebProWorld Veteran
  

Join Date: Aug 2003
Location: Virginia
Posts: 386
netman4ttm RepRank 1
Default
I am adding this to explain why I am considering moving from Portsentry.
Portsentry actually opens a lot of ports; every port it binds to are now reported open to a scanner.
Portsentry won't bind to a port that is actually in use; so it doesn't protect port 80 if I am really running a web server.
What I am looking for is an IDS that monitors the ports I had to open, but with Portsentry's ability to drop the offending scan.
__________________
"The future is here. It's just not evenly distributed.
Reply With Quote
  #3 (permalink)  
Old 12-05-2005, 06:49 PM
kgun's Avatar
WebProWorld 1,000+ Club
  

Join Date: May 2005
Location: Norway
Posts: 5,124
kgun RepRank 3kgun RepRank 3
Default You ask for intrusion protection on a server?
On a standalone Pc, I would personally prefer "Abtrusion Protector™ Personal Edition." It is free for home use.

http://www.abtrusion.com/

I do not know how good the "Abtrusion Protector™ Settings Server"

http://www.abtrusion.com/products.asp is.

The program is made in Sweden, http://www.abtrusion.com/founders.asp
Reply With Quote
  #4 (permalink)  
Old 01-05-2006, 01:45 PM
kgun's Avatar
WebProWorld 1,000+ Club
  

Join Date: May 2005
Location: Norway
Posts: 5,124
kgun RepRank 3kgun RepRank 3
Default What happened.
Here is an article that compares PortSentry and Snort
Reply With Quote
Reply

  WebProWorld > Webmaster, IT and Security Discussion > Internet Security Discussion Forum
Tags: , ,


« IE: Vulnerability in Graphics Rendering Engine | do trademarks apply to sub-domains? »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

WebProWorld | Advertise | About | Forum Rules | MVP's | Archive | Newsletter Archive | Top | WebProNews | Statistics
WebProWorld is an iEntry, Inc. ® site - © 2008 All Rights Reserved Privacy Policy and Legal
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509


All times are GMT -4. The time now is 01:50 PM.

Search Engine Optimization by vBSEO 3.2.0