[472] in Intrusion Detection Systems
Re: Intro; Question
daemon@ATHENA.MIT.EDU (Fred Cohen)
Thu Jan 25 06:45:55 1996
From: fc@all.net (Fred Cohen)
To: ids@uow.edu.au
Date: Mon, 22 Jan 1996 02:19:17 -0500 (EST)
In-Reply-To: <Pine.LNX.3.91.960118100135.6707I-100000-100000@gcsi.com> from "Dave Bailey" at Jan 19, 96 08:54:57 am
Reply-To: ids@uow.edu.au
...
> There is about a decade of research on this subject and a few pilot
> projects, but very little has reached the product stage. My question is
> this: Is anyone (or, I suppose, has anyone) implemented and run, in any
> sort of production sense an IDS system (or is this just an academic
> interest)? If so, which ones and what experience have you had? Was it
> successful?
At least two such systems are now in daily commercial and government use:
DIDS and CMDS
There are probably others as well.
In addition, many people use things like TCP wrappers in combination
with custom warning systems as a rudimentary form of IDS. (I do this
and it works quite well for certain situations). Some months ago I did
a brief investigation of the IDS situation and concluded that of the
products out there, I could not heartily recommend any to my commercial
clients. I hope this helps clarify the situation.
-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
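
One way TCP wrappers can feed a custom warning system as a rudimentary IDS, shown as an added example that is not part of the original post or the author's own setup. It assumes tcpd's usual syslog wording ("connect from" / "refused connect from"); the sample log lines, function names and the three-service threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines in the wording tcpd uses (not real data).
SAMPLE_LOG = """\
Jan 22 02:10:01 gw in.telnetd[311]: connect from 192.0.2.10
Jan 22 02:10:07 gw in.telnetd[312]: refused connect from 203.0.113.7
Jan 22 02:10:09 gw in.ftpd[313]: refused connect from 203.0.113.7
Jan 22 02:10:15 gw in.rshd[314]: refused connect from 203.0.113.7
Jan 22 02:11:40 gw in.fingerd[315]: refused connect from 198.51.100.23
Jan 22 02:12:02 gw sendmail[316]: some unrelated message
"""

# timestamp, logging host, wrapped daemon, verdict, client (host or user@host)
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s"
    r"(?P<daemon>[\w.\-]+)\[\d+\]:\s"
    r"(?P<verdict>refused connect|connect) from\s(?P<client>\S+)$"
)

def parse_events(text):
    """Return one dict per tcpd log line; unrelated lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append(m.groupdict())
    return events

def alerts(events, min_services=3):
    """Flag clients refused on at least min_services distinct wrapped daemons.

    A single refusal is usually noise; refusals spread across several
    services from one client look like someone probing the host.
    """
    refused = defaultdict(set)
    for e in events:
        if e["verdict"] == "refused connect":
            refused[e["client"]].add(e["daemon"])
    return {c: sorted(d) for c, d in refused.items() if len(d) >= min_services}

if __name__ == "__main__":
    for client, daemons in alerts(parse_events(SAMPLE_LOG)).items():
        print(f"WARNING: {client} refused on {', '.join(daemons)}")
```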