LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page OSS product to replace CS-MARS
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-22-2010, 01:02 PM   #1
TBC Cosmo
Member
 
Registered: Feb 2004
Location: NY
Distribution: Fedora 10, CentOS 5.4, Debian 5 Sparc64
Posts: 356

Rep: Reputation: 43
OSS product to replace CS-MARS

I'm looking for an open source solution to replace Cisco CS-MARS. MARS aggregates syslog data sent to it from remote devices and creates an attack mitigation plan that can then be applied to the devices. It can be used with servers, security appliances and network devices.

I had a brief look at snort, but that seems to function at the packet level and does not aggregate syslog data.

Does anyone have experience or maybe know of a product I should look at?

Thanks
 
Old 06-22-2010, 05:05 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3599Reputation: 3599Reputation: 3599Reputation: 3599Reputation: 3599Reputation: 3599Reputation: 3599Reputation: 3599Reputation: 3599Reputation: 3599Reputation: 3599
Have a brief look at OSSIM or Prelude? If they are not completely what you require they at least might provide the framework to integrate things into.
 
Old 06-22-2010, 05:57 PM   #3
TBC Cosmo
Member
 
Registered: Feb 2004
Location: NY
Distribution: Fedora 10, CentOS 5.4, Debian 5 Sparc64
Posts: 356

Original Poster
Rep: Reputation: 43
OSSIM is looking promising.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Agile Expands Compliance, Product Portfolio, Product Collaboration and Quality Management Capabilities in Latest Version of Leading PLM Solution LXer Syndicated Linux News 0 12-13-2005 08:31 AM
HCL: review for product with 0 entries / generic or detailed product names? stonux LQ Suggestions & Feedback 1 06-03-2005 12:51 AM
Issue with snd-pcm-oss and snd-mixer-oss; OSS load failed EnigmaX Slackware 3 07-26-2004 03:26 PM
Mars! MasterC General 10 08-28-2003 11:33 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:13 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration