List:       security-basics
Subject:    RE: IDSs/IPSs and general monitoring with SNMP support built in
From:       "Andy Cuff" <lists () securitywizardry ! com>
Date:       2007-06-26 7:42:06
Message-ID: 001001c7b7c5$7e917250$0d00a8c0 () Talisker ! local

Most of the commercial offerings will do this.  However, a decision you have
to make is whether you want the traps to be sent from the agent or the
manager; there are advantages to both.

I would suggest that you look at the Security Information Manager (SIM)
products and see what IDS and IPS they are compatible with.  Some do have
bespoke APIs, though most rely on input via SNMP.  Use their compatible
products list to narrow down your selection.

Regards
Andy Cuff
Computer Network Defence Ltd
www.SecurityWizardry.com

> -----Original Message-----
> From: listbounce@securityfocus.com 
> [mailto:listbounce@securityfocus.com] On Behalf Of Linux Security
> Sent: 25 June 2007 20:16
> To: security-basics@securityfocus.com
> Subject: IDSs/IPSs and general monitoring with SNMP support built in
> 
> Hi All,
>  
> 
> I am trying to find open source IDSs/IPSs that can send SNMP 
> traps. The idea behind this is that there will be a 
> centralised system that will be receiving SNMP traps from our 
> Linux servers and will be doing the reporting. I am looking 
> as I write this post at aide, tripwire, chkrootkit, rkhunter 
> and still haven't found a way for them to send notifications 
> with SNMP traps...
>  
> 
> Any ideas?
