Re: Current IDS problems

• Previous message: Joel Esler: "Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
• In reply to: zero: "Current IDS problems"
• Next in thread: barcajax_at_gmail.com: "Re: Current IDS problems"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 19 Oct 2005 08:45:48 +0800
To: zero <zeroboy@arrakis.es>

Hi,

I myself find false positives a constant problem in IDS. We work with
honeypots so false positives are a lot less but in actual production
systems this might tend to be a problem.

Cheers!
Ryan Talabis
Philippine Honeynet Project
http://www.philippinehoneynet.org

On 10/19/05, zero <zeroboy@arrakis.es> wrote:
> Hi all,
> I would like to know what are the problems people working with IDS sees in
> them. I mean, what are the things you hate about IDS, think simply you feel
> are plain wrong or that they should be another way to it.
>
> Al comments are greatly appreciated :)
>
> Thxs in advance.
>
>
>
>
> ------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
> to learn more.
> ------------------------------------------------------------------------
>
>

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------

• Previous message: Joel Esler: "Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
• In reply to: zero: "Current IDS problems"
• Next in thread: barcajax_at_gmail.com: "Re: Current IDS problems"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]