Re: Signature Counts between IDS's

From: Michael Katz (
Date: 09/10/02

Date: Tue, 10 Sep 2002 09:22:41 -0700
From: Michael Katz <>

At 9/10/2002 08:51 AM, wrote:

>Has anyone ever done a comparison between ISS & Snort on signature counts -
>so which product has the most sigs (and how many) - and which sigs match
>which in the two products

While I don't know the answer to your question, if you're looking to
compare the two (and other IDS products), take a look at the Network
Computing article from August 2001 at

The report card (
rates the top 5 network IDS products as follows:

Enterasys Dragon 4.2 B+
Cisco Secure IDS 2.5 B
Snort 1.7 B-
ISS RealSecure 5.5 C+

There is also a comparison of each product based on signatures for nine (9)
attacks at

Michael Katz
Procinct Security