Re: Signature Counts between IDS's

From: Michael Katz (mike@procinct.com)
Date: 09/10/02

• Previous message: SEdwards@toplayer.com: "Signature Counts between IDS's"
• Maybe in reply to: SEdwards@toplayer.com: "Signature Counts between IDS's"
• Next in thread: Brad.Dunn@Intelsat.com: "RE: Signature Counts between IDS's"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 10 Sep 2002 09:22:41 -0700
To: focus-ids@securityfocus.com
From: Michael Katz <mike@procinct.com>

At 9/10/2002 08:51 AM, SEdwards@toplayer.com wrote:

>Has anyone ever done a comparison between ISS & Snort on signature counts -
>so which product has the most sigs (and how many) - and which sigs match
>which in the two products

While I don't know the answer to your question, if you're looking to
compare the two (and other IDS products), take a look at the Network
Computing article from August 2001 at
http://www.networkcomputing.com/1217/1217f2.html

The report card (http://img.cmpnet.com/nc/1217/graphics/1217f2report_1.pdf)
rates the top 5 network IDS products as follows:

Enterasys Dragon 4.2 B+
Cisco Secure IDS 2.5 B
Snort 1.7 B-
ISS RealSecure 5.5 C+

There is also a comparison of each product based on signatures for nine (9)
attacks at http://img.cmpnet.com/nc/1217/graphics/1217f2_1.pdf

Michael Katz
mike@procinct.com
Procinct Security

---

• Previous message: SEdwards@toplayer.com: "Signature Counts between IDS's"
• Maybe in reply to: SEdwards@toplayer.com: "Signature Counts between IDS's"
• Next in thread: Brad.Dunn@Intelsat.com: "RE: Signature Counts between IDS's"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > focus-ids  > 2002-09