NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Intrusion Detection for Firewall-1



>Can someone please recommend a good Intrusion detection product for
Firewall-1 on NT4 sp6a? 
>We would like to get some alert whenever someone scans out Firewall or
services that are dropped.
>I looked at a few like ISS, snort. Where would I install these programs on
the NT 4 Firewall itself?

Tony,

See this link: http://www.enteract.com/~lspitz/intrusion.html 

This should give you more ideas on IDS and the free options... 

Also, Check Point 4.1 has CPMAD (which monitors your logs for different
types of activity - not a "real" IDS solution, but a good tool to use).

For other IDS solutions in terms of network and host based IDS, you can look
into the following - some offer features to "tie-in" with FW-1 some don't:

SNORT (free) http://www.snort.org
ROCKSOFT http://www.rocksoft.com/rocksoft/
ISS	http://www.iss.net
NFR	http://www.nfr.com
Dragon http://www.enterasys.com/ids/

Good luck,

Amin Tora, CISSP
ePlus Technology
http://www.eplus.com
NASDAQ: PLUS



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.