Re: host-based ids evaluation

From: Konrad Rieck (kr@roqe.org)
Date: 08/10/02 

Date: 10 Aug 2002 20:12:09 -0000
From: Konrad Rieck <kr@roqe.org>
To: focus-ids@securityfocus.com
('binary' encoding is not supported, stored as-is) In-Reply-To: <F1619dwEmztw1WZVAEG0002914e@hotmail.com>

>I'm an IDS newbie, I've to evaluate some host-based
IDS products.
>I need some advice about how to setup a fisible testbed.

Maybe you start reading an interesting survey from 1999,
techincally it might be a little bit outdated but
in general it should cover a lot of aspects for
evaluating IDS.

Intrusion Detection System (IDS) Product Survey
Kathleen A. Jackson

http://www.quarterstone.com/pdf_files/IDSProducts.pdf

Regards,
Konrad Rieck

Relevant Pages

  • Re: IM Consumability Survey
    ... done the marketing to justify a survey. ... If I were you I'd focus on marketing what you have rather than trying to improve ... I participated in one of these efforts for IDS a year ... live customers and users like you took the survey, ...
    (comp.databases.informix)
  • merging two files
    ... What I would like to do is to match up the IDs from the imported ... responded to a survey and mark them so that I can filter and delete the ...
    (microsoft.public.excel.misc)
  • Re: Survey on IDS !
    ... I hope you can have some time to help us answer the next survey: ... In your opinion, which is the best IDS? ... and Snort in particular. ...
    (Focus-IDS)
  • RE: What the heck is this msblast.exe
    ... Been seeing this in my IDS logs all day. ... What the heck is this msblast.exe ... Your network firewall and IDS products do not prevent Web application ... Download a FREE whitepaper on "Security Policy Automation for Web ...
    (Focus-Microsoft)
  • Re: Comparing the performance of two IDS products with different architectures
    ... Comparing the performance of two IDS products with different architectures ... > Does anyone know if there is justification to compare the performance of IDS ...
    (Focus-IDS)