Date: Tue, 25 Mar 2003 13:23:23 -0500 (EST)
From: "Nigel Houghton"
Reply-To: nigel.houghton@sourcefire.com
To: GiZmen
Cc: "freebsd-security@FreeBSD.ORG"
Subject: Re: portsentry vs snort

Apples and oranges :)

In brief:

Portsentry listens for connections on various ports and can respond to
portscanning attempts.

Snort is a lightweight IDS that you can use to detect miscreant behaviour
directed at your network.

Both will generate logs for your perusal.

-------------------------------------------------------------
Nigel Houghton
Security Engineer
Sourcefire Inc.

I believe you said:

:Hi everyone,
:
:Can anybody write something about these two IDS.
:I don't know which one is better for FreeBSD 5.0.
:I've read something about these programs and I don't know which to choose on my
:FreeBSD box.
:I heard that snort is recommended software for FBSD, is that true?
:
:Thanks for any suggestions.
:
:--
:Best Regards:
: GiZmen
:
:To Unsubscribe: send mail to majordomo@FreeBSD.org
:with "unsubscribe freebsd-security" in the body of the message