I was just about to plug snort :)
--- Johnston Mark <[EMAIL PROTECTED]> wrote:
> But to send them it has to detect them right. My
> question is how is it
> detecting it. I managed to get something going now
> using the IP audit
> commands and am seeing some IDS warnings in the log
> such as ICMP.
>
> I have snort systems running, but am just curious
> about the PIX abilities.
>
> -----Original Message-----
> From: BorisP_Maillistdude
> [mailto:[EMAIL PROTECTED]]
> Sent: 17 September 2001 02:31
> To: [EMAIL PROTECTED]
> Subject: RE: Pix Intrusion Detection
>
>
> PIX does only send events to IDS. Cisco has other
> products to take care of
> IDS-business.
>
> It wouldn't make much sense to run IDS on the same
> box as the firewall or
> even worse... have the firewall do IDS (formerly
> named NetRanger for
> example).
>
> Have a look at the following page:
>
> http://www.cisco.com/warp/public/cc/pd/sqsw/sqidsz/
>
> Pix sends Syslog messages ... and that's it.
>
> --------------------------------------
> Boris Pavalec
> Geschäftsführer, VRP
> Network / System Engineer MCSE & MCT
>
> HCS - Highend Computing Systems AG
> Hohlstrasse 216
> CH-8004 Zürich
>
> Phone: + 41-1 240 29 50
> Fax: + 41-1 240 29 59
> eMail: [EMAIL PROTECTED]
> --------------------------------------
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Johnston Mark
> Sent: Monday, September 17, 2001 1:22 PM
> To: [EMAIL PROTECTED]
> Subject: Pix Intrusion Detection
>
>
> Hi all,
> Do you know if the pix 6.0 has built in IDS
> capabilities ? I'm looking at
> the ip audit commands and am trying to figure out
> whats what. If it is can
> you please send me an example. In the mean time I'm
> going to battle on.
> Thanks
> Mark
>
>
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
>
__________________________________________________
Terrorist Attacks on U.S. - How can you help?
Donate cash, emergency relief information
http://dailynews.yahoo.com/fc/US/Emergency_Information/
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls