Message-ID: <017201c3c41b$4603a170$0a1210ac@sbnt.com>
From: misiu_ at gmx.de (misiu_@....de)
Subject: Symantec Manhunt ?
but if you need really gigabit then you only have the new stuff from "nai"
IntruShield...
The 1204G Proventia can only do 600 mb afaik
you can install the nids not only through proventia
also on a Windoze (shudder) or a linux (RH of course) box....
host sensors are available too....
has anomaly detection...
Explanations about the Alarm customizable (????how do you spell) severity
of events etc. pp.
misiu
----- Original Message -----
From: "Clint Bodungen" <clint@...ureconsulting.com>
To: <full-disclosure@...ts.netsys.com>
Sent: Tuesday, December 16, 2003 8:59 PM
Subject: Re: [Full-Disclosure] Symantec Manhunt ?
> > Hi FD,
> >
> > Is there someone who has already used the IDS: Symantec Manhunt 3?
> >
> > In fact, I need information about it to know if it could replace a
> > snort 2.0...
> >
> > Thanks a lot for any information about ManHunt.
> >
> > Frederic Charpentier.
>
>
> Other than ManHunt being a commercial product (and Enterprise for that
> matter which means $$$$$), the biggest difference is its "anomaly-based
> detection". Snort uses signature based detection which must be pre-defined
> whereas, in addition to signature detection, ManHunt claims to also have
> the ability to detect a possible attack (known as well as 0 day) based on
> packet anomalies and patterns. It does work up to a point but you must
> invest the hours required to "fine tune" it in order to eliminate false
> positives (as with many IDS though).
>
> Symantec is decent about getting new signatures updates out and you do have
> the ability to create your own.
>
> If you are looking for an enterprise IDS solution to replace Snort, and can
> afford it... my vote would be a toss up between ISS Proventia and Symantec's
> ManHunt. (Keep in mind that Proventia is an appliance which includes more
> than just NIDS)
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>