From: Burak DAYIOGLU (burak.dayioglu@pro-g.com.tr)
Date: Tue 22 Jul 2003 - 14:37:30 EEST
Cisco Secure IDS icerisinde Snort calisiyor olabilir mi?
-----Forwarded Message-----
From: Axel Eble <Axel.Eble+CISSPForum@Balrog.DE>
To: cisspforum@yahoogroups.com
Subject: Re: [cisspforum] IDS products comparison?
Date: 25 Jun 2003 21:45:50 +0200
Am Mittwoch, 25.06.03 um 20:02 Uhr schrieb Simpson, Coby:
> The 4.0 version of Cisco Secure IDS (network appliance) is now running
> on RedHat Linux (kernel 2.4). The kernel is highly modified by Cisco,
> to make it act similar to the rest of Cisco's products (CLI).
the CLI has nothing to do with the kernel which does seem to be pretty
much a stock 2.4.18.
What I've seen of the Blade Version 2 it looks pretty neat and if I had
to venture a guess I'd say Cisco is using some variant of snort.
It's possible both to use the CLI that looks like IOS and a real shell
access. So all in all, it seems to be a best-of-both-worlds approach. I
haven't seen it out in the wild so far but hope to someday.
-- Burak DAYIOGLU Danisman, Pro-G Bilisim Guvenligi ve Arastirma Ltd. Phone: +90 312 2101494 Fax: +90 312 2101493 http://www.pro-g.com.tr ICQ UIN: 72276975