Hi:
I have a PIX 515 and need to implement a IDS, what do you recomend?,
Thanks!!
Dev
>From: Johnston Mark <[EMAIL PROTECTED]>
>To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>,
>[EMAIL PROTECTED]
>Subject: RE: Pix Intrusion Detection
>Date: Mon, 17 Sep 2001 14:57:34 +0200
>MIME-Version: 1.0
>Received: from [209.182.195.144] by hotmail.com (3.2) with ESMTP id
>MHotMailBD6F4037008A400431D5D1B6C390F8F20; Mon, 17 Sep 2001 06:06:01 -0700
>Received: from lists.gnac.net (localhost [127.0.0.1])by lists.gnac.net
>(Postfix) with ESMTPid 7FF9910415; Mon, 17 Sep 2001 06:05:21 -0700 (PDT)
>Received: from xmserver14.xmedia.ch (unknown [194.230.109.16])by
>lists.gnac.net (Postfix) with ESMTP id AE7A9103C7for
><[EMAIL PROTECTED]>; Mon, 17 Sep 2001 06:03:11 -0700 (PDT)
>Received: by xmserver14.xmedia.ch with Internet Mail Service
>(5.5.2653.19)id <S3DV418S>; Mon, 17 Sep 2001 14:57:39 +0200
>From [EMAIL PROTECTED] Mon, 17 Sep 2001 06:06:29 -0700
>Delivered-To: [EMAIL PROTECTED]
>Message-ID: <[EMAIL PROTECTED]>
>X-Mailer: Internet Mail Service (5.5.2653.19)
>Sender: [EMAIL PROTECTED]
>Errors-To: [EMAIL PROTECTED]
>X-BeenThere: [EMAIL PROTECTED]
>X-Mailman-Version: 2.0.5
>Precedence: bulk
>List-Help: <mailto:[EMAIL PROTECTED]?subject=help>
>List-Post: <mailto:[EMAIL PROTECTED]>
>List-Subscribe:
><http://lists.gnac.net/mailman/listinfo/firewalls>,<mailto:[EMAIL PROTECTED]?subject=subscribe>
>List-Id: Firewalls <firewalls.lists.gnac.net>
>List-Unsubscribe:
><http://lists.gnac.net/mailman/listinfo/firewalls>,<mailto:[EMAIL PROTECTED]?subject=unsubscribe>
>List-Archive: <http://lists.gnac.net/pipermail/firewalls/>
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>
>But to send them it has to detect them right. My question is how is it
>detecting it. I managed to get something going now using the IP audit
>commands and am seeing some IDS warnings in the log such as ICMP.
>
>I have snort systems running, but am just curious about the PIX abilities.
>
>-----Original Message-----
>From: BorisP_Maillistdude [mailto:[EMAIL PROTECTED]]
>Sent: 17 September 2001 02:31
>To: [EMAIL PROTECTED]
>Subject: RE: Pix Intrusion Detection
>
>
>PIX does only send events to IDS. Cisco has other products to take care of
>IDS-business.
>
>It wouldn't make much sense to run IDS on the same box as the firewall or
>even worse... have the firewall do IDS (formerly named NetRanger for
>example).
>
>Have a look at the following page:
>
>http://www.cisco.com/warp/public/cc/pd/sqsw/sqidsz/
>
>Pix sends Syslog messages ... and that's it.
>
>--------------------------------------
> Boris Pavalec
> Gesch�ftsf�hrer, VRP
> Network / System Engineer MCSE & MCT
>
> HCS - Highend Computing Systems AG
> Hohlstrasse 216
> CH-8004 Z�rich
>
> Phone: + 41-1 240 29 50
> Fax: + 41-1 240 29 59
> eMail: [EMAIL PROTECTED]
>--------------------------------------
>
>-----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]On Behalf Of Johnston Mark
>Sent: Monday, September 17, 2001 1:22 PM
>To: [EMAIL PROTECTED]
>Subject: Pix Intrusion Detection
>
>
>Hi all,
>Do you know if the pix 6.0 has built in IDS capabilities ? I'm looking at
>the ip audit commands and am trying to figure out whats what. If it is can
>you please send me an example. In the mean time I'm going to battle on.
>Thanks
>Mark
>
>
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>http://lists.gnac.net/mailman/listinfo/firewalls
_________________________________________________________________
Descargue GRATUITAMENTE MSN Explorer en http://explorer.msn.es/intl.asp
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
