I am very familiar with both Sn0rt and NFR, each again has it pluses and
minuses. NFR 5.0 has a much improved UI and a lot better performance than
previous versions and sometimes a little bit less cumbersome than
Sn0rt. For an expert commercial Network Intrusion Detection System, that
has lots of flexibility and the ability to create unique signatures, NFR is
one the few IDS that can hold it's own against the competition..
At 11:29 AM 12/5/00 -0600, Ron DuFresne wrote:
>As stated before to the list, we found the cisco product to be a poor
>solution. They lack a scripting language, so there is no real ability to
>tune them. We found them to be awfully noisey in that they constantly set
>off false positives. Of course, I have to admit, I felt they were also
>deployed in the wrong place, but, this still holds water. Stick with
>snort or move to nfr, something you can tune to your specific
>environment.
>
>Thanks,
>
>Ron DuFresne
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
