Re: [Snort-users] Acid and HSC
This is a discussion on Re: [Snort-users] Acid and HSC within the Snort forums, part of the System Security and Security Related category; On Mon, 08 Nov 2004 16:07:24 +0800, sam wun <sam.wun@authtec.net> wrote: > Hi, &...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
11-08-2004
|
|||
|
|||
Re: [Snort-users] Acid and HSC
On Mon, 08 Nov 2004 16:07:24 +0800, sam wun <sam.wun@authtec.net> wrote:
> Hi, > > I found that current version of Acid is nearly useless for security analyst. Acid can't even provide functions allow security analyst to inspect tcp/ip payload. > > Does HSC offer this type of analysis? > > Thanks > Sam ACID can analyze packet payload, if you configured the database logging correctly. However, if you want to practice true NSM (Network Security Monitoring) I suggest you to take a look at Sguil (www.sguil.net), which offers a range of features that is of interest when you are investigating a possible intrusion or compromise. Best regards Michael Boman ------------------------------------------------------- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
