[Oisf-users] Comparative test between Palo Alto and Suricata

David Sussens dsussens at gmail.com
Sat Mar 21 18:16:18 UTC 2015


Andreas,

It is a PA 3050 with the latest OS and latest signatures loaded.  I am
running it in VWIRE mode at present.  The test is essentially done with the
PA sitting between a scanning box and a vulnerable box running
metasploitable...

Hope that answers your questions. :)



On Sat, Mar 21, 2015 at 8:40 AM, Andreas Moe <moe.andreas at gmail.com> wrote:

> Sorry for the spam. But what type of Palo Alto are you using, will the
> test be controlled (pcap replays as an ex.) and so on. Just very curious
> about your setup.
> On 21 March 2015 07:38, "Andreas Moe" <moe.andreas at gmail.com> wrote:
>
> This sounds like a cool test. But as coop was onto, setting Palo Alto's fw
>> functions against suricata would be a strange comparison. But checking the
>> IDS/IPS function in Palo Alto against suricata would be cool.
>> On 21 March 2015 00:05, "Michał Purzyński" <michalpurzynski1 at gmail.com
>> > wrote:
>>
>>> On Fri, Mar 20, 2015 at 6:38 PM, None None <electrophobe at gmail.com>
>>> wrote:
>>> > experience thus far has been that Suricata decimates the Palo Alto I am
>>> > testing in terms of detection accuracy and blocking of attacks.
>>> >
>>> > What is the best way for me to submit my findings?
>>>
>>> Submit them right here :-) We are glad to hear someone invested his
>>> time and energy into comparison, and might have a meaningful
>>> discussion.
>>>
>>> Cargo-cult-security is the term I can't stop thinking about every time
>>> I hear about yet another silver bullet "buy us, power on, all your
>>> security problems are gone".
>>> _______________________________________________
>>> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
>>> Site: http://suricata-ids.org | Support:
>>> http://suricata-ids.org/support/
>>> List:
>>> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>>> Training now available: http://suricata-ids.org/training/
>>>
>>