[Snort-users] ACID/BASE vs PRELUDE
Gene R Gomez
gene at ...13522...
Mon Sep 19 10:15:21 EDT 2005
Disclaimer: member of Prelude Hybrid IDS development team.
Prelude as a Snort management console depends a little bit on what you
mean as a management console. In terms of viewing alerts, it does a
great job of providing a consolidated interface for security events
across all of your platforms and devices.
If, however, you mean as a method for actual management (changing
configuration, stopping and restarting services, managing rules, etc),
Prelude probably won't give you what you're looking for (yet!).
Basic support for sensor management is present in Prelude 0.9 (which
goes stable within the next few days), but the interfaces aren't written
At any rate, Prelude's greatest strength is in presenting your Snort
alerts alongside your host-based alerts, your firewall alerts, and all
manner of other things. BASE appears to be more of an analytical engine
for Snort alone.
Gene R Gomez
On Aug 26, 2005, at 10:38 AM, ddodge wrote:
> Has anyone done a good comparision between BASE
> (http://secureideas.sourceforge.net/) and Prelude
> (http://www.prelude-ids.org/) as a managment console for Snort ?
More information about the Snort-users