This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Astaro IPS v.s Snort

Hi,

Recently I got few mysql attacks, and my internal IDS detected them and notified me, then I go back to check Astaro, there is nothing there.

My question:
1. Have anyone compare the IDS/IPS detection rate between Astaro and normal Snort IDS install?
2. How many rules included in Astaro compared with normal Snort install?

I have one IDS on Solaris 10, and using latest Snort and rule set. It seems like my IDS detect more. So far my Astaro only detected port scan and ICMP/UDP flood, but I turn on all rules so I expect that it can detect previous mysql attack.

Thanks,

Hsinan

This thread was automatically locked due to age.

Parents

0 Hsinan over 15 years ago

Hi,

Yes, I will vote it fore sure.

Regarding to my Astaro status:
Intrusion Prevention is active with 7567 of 8217 patterns

1. Why do I still have about 700 patterns missing?
2. Will Astaro support official snort rules before? Can it also support rules from emergingthreats.com?

Thanks,

Hsinan
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Hsinan over 15 years ago

Hi,

Yes, I will vote it fore sure.

Regarding to my Astaro status:
Intrusion Prevention is active with 7567 of 8217 patterns

1. Why do I still have about 700 patterns missing?
2. Will Astaro support official snort rules before? Can it also support rules from emergingthreats.com?

Thanks,

Hsinan
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data