Hi,
Recently I got a few MySQL attacks, and my internal IDS detected them and notified me. Then I went back to check Astaro, and there was nothing there.
My questions:
1. Has anyone compared the IDS/IPS detection rate between Astaro and a normal Snort IDS install?
2. How many rules are included in Astaro compared with a normal Snort install?
I have one IDS on Solaris 10, using the latest Snort and rule set. It seems like my IDS detects more. So far my Astaro has only detected port scans and ICMP/UDP floods, but I turned on all rules, so I expected that it could detect the previous MySQL attack.
Thanks,
Hsinan