RE: Study material [bcc][faked-from]

From: Doug.Calton@getronics.com
Date: Tue Jan 13 2004 - 09:21:10 GMT-3

• Next message: Wes Stevens: "RE: Preamble at Speeds Above 10 Mbps [7:82377]"
• Previous message: Matheen Farook: "Reg 2511 setup"
• Maybe in reply to: Bill Lijewski: "RE: Study material [bcc][faked-from]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I built this when studying for the (now defunct) CQS Security track.
While easy enough to do, be aware that you need an Intel Solaris box to
run it on (Sun is now offering the latest OS for free if you download
all three CD ROMs - or you can purchase media for some nominal fee).
Secondly, you needed the actual IDS software. If I recall correctly, an
installable version that you could download was a few releases out of
date, but that was not a major problem for my purposes. Finally, you
need the Cisco Ntwk Management package to actually configure and use the
thing - the name of the product escapes me. There were actually two
management products - one for Solaris and one for Windows, but Cisco was
phasing out the Solaris one, I think.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Bill Lijewski
Sent: Monday, January 12, 2004 9:54 PM
To: 'Jonathan Hays'; ccielab@groupstudy.com
Subject: RE: Study material [bcc][faked-from]

Here is the original thread:

http://www.security$$.com/cgi-bin/ultimatebb.cgi?ubb=get_topic;f=2;t=000
002

NOTE: Replace the $$ in the URL with the letters ie - had to do this so
it wouldn't get filtered.

Also there are several other posts on people building thier own
FrankenIDS on the security$$.com forums. Again replace $$ with ie.

- Bill Lijewski
CCIE#8642
Network Learning Inc
5 Day R&S CCIE Bootcamp Instructor
bill@eccie.com

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Jonathan Hays
Sent: Monday, January 12, 2004 6:42 PM
To: ccielab@groupstudy.com
Subject: RE: Study material [bcc][faked-from]
Importance: Low

you wrote:
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
>Behalf Of Strohmayer, Stephen (Worldcom)
>Sent: Monday, January 12, 2004 7:37 PM
>To: security@groupstudy.com
>Subject: RE: Study material
>
>
>Question.
>
>Has anyone managed to figure out a way to get around having to
>physically
>have an IDS box to study on for the lab. I know this sounds

= = =

What about this?

http://ccie.pl/articles/frankenids.html

• Next message: Wes Stevens: "RE: Preamble at Speeds Above 10 Mbps [7:82377]"
• Previous message: Matheen Farook: "Reg 2511 setup"
• Maybe in reply to: Bill Lijewski: "RE: Study material [bcc][faked-from]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Feb 02 2004 - 09:07:43 GMT-3