Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



IDS: Reports from Cisco IDS

Reports from Cisco IDS

From: Pete S. <pschwarz_at_directvinternet.com>
Date: Thu, 5 Dec 2002 17:37:27 -0500

On the network at work, we use a Cisco PIX (which comes with IDS), which
allows me to send a log to another server. On that server I use something
called Kiwi Syslog Daemon (http://www.kiwisyslog.com/info_syslog.htm). From
there, I use ReportGen (http://www.reportgen.com/downloads.htm) which turns
into stuff my boss can read. Not sure if this solution will work with the
Cisco IDS, but should. I have seen this run on several platforms. They
have trial versions, to see if it fits your bill. Also, their prices are
reasonable, if you like it.
Pete.

Hi,

I have a Cisco IDS (switch module) with the HPOV plug-in. I would like to
know how can I get reports from it. Any kind of report, like by source IP,
top signatures...is this possible? If not, how can I get reports from Cisco
IDS?

Thank you,

Peter
sr. security analyst
Received on Dec 09 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos