Re: Changes in IDS Companies?
From: Eye Dius (nthlayer@yahoo.com)Date: 10/17/02
- Previous message: Oliver Petruzel: "RE: Changes in IDS Companies?"
- Maybe in reply to: Samuel Cure: "Changes in IDS Companies?"
- Next in thread: Clint Byrum: "Re: Changes in IDS Companies?"
- Reply: Clint Byrum: "Re: Changes in IDS Companies?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 17 Oct 2002 07:26:25 -0000 From: Eye Dius <nthlayer@yahoo.com> To: focus-ids@securityfocus.com('binary' encoding is not supported, stored as-is) In-Reply-To: <003101c27594$5de8e970$01000001@SecurityConscious.com>
- snip -
>IDS vendors have not
>been able to get false alarm/postive rates down to a level where
>organizations would trust an IDS alert to enforce network policy.
>
>Nothing I've seen or read from these new vendors gives me any reason to
>believe they have cured the cancer of IDS - false alarms/positives.
What are some of the big reasons for false positives? What is preventing
new or existing vendors from fixing this problem?
- Previous message: Oliver Petruzel: "RE: Changes in IDS Companies?"
- Maybe in reply to: Samuel Cure: "Changes in IDS Companies?"
- Next in thread: Clint Byrum: "Re: Changes in IDS Companies?"
- Reply: Clint Byrum: "Re: Changes in IDS Companies?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
