[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Intrusion Detection for Firewall-1
>Can someone please recommend a good Intrusion detection product for Firewall-1 on NT4 sp6a? >We would like to get some alert whenever someone scans out Firewall or services that are dropped. >I looked at a few like ISS, snort. Where would I install these programs on the NT 4 Firewall itself? Tony, See this link: http://www.enteract.com/~lspitz/intrusion.html This should give you more ideas on IDS and the free options... Also, Check Point 4.1 has CPMAD (which monitors your logs for different types of activity - not a "real" IDS solution, but a good tool to use). For other IDS solutions in terms of network and host based IDS, you can look into the following - some offer features to "tie-in" with FW-1 some don't: SNORT (free) http://www.snort.org ROCKSOFT http://www.rocksoft.com/rocksoft/ ISS http://www.iss.net NFR http://www.nfr.com Dragon http://www.enterasys.com/ids/ Good luck, Amin Tora, CISSP ePlus Technology http://www.eplus.com NASDAQ: PLUS ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|