Re: NIPS/NIDS performance evaluation query
From: ADT (synfinatic_at_gmail.com)
Date: 06/16/05
- Previous message: Stefano Zanero: "Wireless Intrusion Detection"
- In reply to: snort user: "NIPS/NIDS performance evaluation query"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 16 Jun 2005 10:39:48 -0700 To: snort user <snort.user@gmail.com>
Well any 3rd party performance test which doesn't spell out how they
performed their tests isn't worth diddly squat, which is why the good
ones will spell out their test methodology. Of course, in each case,
they're using arbitrary traffic which may or may not look anything
like the traffic on your network. Hence, their results may not
reflect the performance of the product on your network. Not to
mention, how it is configured can have a dramatic performance impact
as well.
But basically, most NIPS/NIDS tests use one or more of the following
commercial tools:
Smartbits
WebAvalance
Blade Software IDS Informer
As well as open source:
tcpreplay suite
tomahawk
-Aaron (the tcpreplay guy)
-- http://synfin.net/ On 6/14/05, snort user <snort.user@gmail.com> wrote: > How does NIPS/NIDS evaluation agencies test performance of the device ? > > Also, any idea if they use custom made tools or publicly available tools ? > -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
- Previous message: Stefano Zanero: "Wireless Intrusion Detection"
- In reply to: snort user: "NIPS/NIDS performance evaluation query"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
