[Snort-users] ACID/BASE vs PRELUDE

Gene R Gomez gene at ...13522...
Mon Sep 19 10:15:21 EDT 2005


Disclaimer: member of Prelude Hybrid IDS development team.

Prelude as a Snort management console depends a little bit on what you 
mean as a management console.  In terms of viewing alerts, it does a 
great job of providing a consolidated interface for security events 
across all of your platforms and devices.

If, however, you mean as a method for actual management (changing 
configuration, stopping and restarting services, managing rules, etc), 
Prelude probably won't give you what you're looking for (yet!).

Basic support for sensor management is present in Prelude 0.9 (which 
goes stable within the next few days), but the interfaces aren't written 

At any rate, Prelude's greatest strength is in presenting your Snort 
alerts alongside your host-based alerts, your firewall alerts, and all 
manner of other things.  BASE appears to be more of an analytical engine 
for Snort alone.

Gene R Gomez

On Aug 26, 2005, at 10:38 AM, ddodge wrote:

>  All,
>  Has anyone done a good comparison between BASE
>  (http://secureideas.sourceforge.net/) and Prelude
>  (http://www.prelude-ids.org/) as a management console for Snort?
