snort-users May 2009 archive
Re: [Snort-users] Combine NIDS with HIDS

From: omar hussein <omar811128_at_nospam>
Date: Sun May 31 2009 - 12:29:42 GMT
To: Stephen Mullins <steve.mullins.work@gmail.com>


Thanks for the reply.

I know that Snort is one of the best NIDS open source software that can be used. Any suggestions for HIDS open source software that can be used and would be compatible with Snort?

Kindest Regards
Omar
London

On Sat, May 30, 2009 at 6:32 PM, Stephen Mullins <steve.mullins.work@gmail.com> wrote:

> You can use Snort in conjunction with a HIDS. In terms of aggregating
> the data, I think you would use an SIEM (Security Information and
> Event Manager), like ArcSight, and have feeds from both Snort and your
> HIDS into it.
>
> I don't think using a NIDS to cross-check or verify HIDS alerts is
> practical. I think the way to check a HIDS alarm is to remote into
> the system and check the file system etc.
>
> You could use the HIDS to cross-check NIDS alerts though, and that
> would make sense to me.
>
> Steve Mullins
>
> On Sat, May 30, 2009 at 11:46 AM, omar hussein <omar811128@gmail.com>
> wrote:
> > Hello gentlemen,
> >
> > I was wondering about the ability to combine SNORT, which is a NIDS, with
> > HIDS software, and make both work on the same system?
> >
> > And is this going to be useful and provide more security? I'm sure that will
> > depend on the mechanism that both software are going to use in order to
> > cooperate with each other. Like using the alarms resulting from one
> > software (like HIDS) and checking them again by NIDS or vice versa.
> > Kindest Regards
> > Omar
> > MSc Wireless Communications systems
> > London
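
The cross-check suggested in the thread (using HIDS events to corroborate NIDS alerts) can be sketched as follows. This is an added example, not code from either poster or from the Snort project. It assumes Snort's "fast" alert line format as input; the HIDS event records use a hypothetical normalized format, and all addresses, SIDs and events are constructed samples.

```python
import re
from datetime import datetime, timedelta

# Constructed sample input: Snort "fast" alert lines (the timestamp carries no year).
SNORT_ALERTS = """\
05/30-18:31:07.412001  [**] [1:1000001:1] Constructed sample: suspicious upload [**] [Classification: Web Application Attack] [Priority: 1] {TCP} 203.0.113.9:51544 -> 192.0.2.10:80
05/30-18:40:12.000113  [**] [1:1000002:1] Constructed sample: port scan [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 203.0.113.9:40000 -> 192.0.2.20:22
"""

# Constructed HIDS events in a hypothetical normalized form (host, time, event).
HIDS_EVENTS = [
    {"host": "192.0.2.10", "time": "2009-05-30 18:32:40", "event": "file changed: /var/www/index.php"},
    {"host": "192.0.2.30", "time": "2009-05-30 18:33:00", "event": "new local user added"},
]

FAST = re.compile(
    r"(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d)\.\d+\s+\[\*\*\]\s+\[(?P<sid>\d+:\d+:\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\].*?\{(?P<proto>\w+)\}\s+"
    r"(?P<src>[\d.]+)(?::\d+)?\s+->\s+(?P<dst>[\d.]+)(?::\d+)?")

def parse_snort(text, year=2009):
    """Parse fast-format alert lines; the year must be supplied by the caller."""
    alerts = []
    for line in text.splitlines():
        m = FAST.match(line)
        if m:
            ts = datetime.strptime(f"{year}/{m['ts']}", "%Y/%m/%d-%H:%M:%S")
            alerts.append({"time": ts, "sid": m["sid"], "msg": m["msg"],
                           "src": m["src"], "dst": m["dst"]})
    return alerts

def cross_check(alerts, hids_events, window=timedelta(minutes=5)):
    """For each NIDS alert, collect HIDS events on the targeted host within `window` after it."""
    results = []
    for a in alerts:
        hits = [e["event"] for e in hids_events
                if e["host"] == a["dst"]
                and timedelta(0) <= datetime.strptime(e["time"], "%Y-%m-%d %H:%M:%S") - a["time"] <= window]
        results.append((a["sid"], a["dst"], "corroborated" if hits else "unconfirmed", hits))
    return results

if __name__ == "__main__":
    for row in cross_check(parse_snort(SNORT_ALERTS), HIDS_EVENTS):
        print(row)
```

The HIDS-only event on 192.0.2.30 is deliberately left out of the result: the check runs in one direction only, from NIDS alert to host evidence.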