[519] in Intrusion Detection Systems
Re: Intro; Question
daemon@ATHENA.MIT.EDU (Philippe Langlois)
Tue Jan 30 22:36:31 1996
From: Philippe Langlois <Philippe.Langlois@INTRINsec.com>
To: ids@uow.edu.au
Date: Tue, 30 Jan 1996 15:48:39 +0000 (GMT)
In-Reply-To: <Pine.LNX.3.91.960125143542.19942A-100000@gcsi.com> from "Dave Bailey" at Jan 25, 96 03:00:27 pm
Reply-To: ids@uow.edu.au
Hi,
> On Mon, 22 Jan 1996, Fred Cohen wrote:
> I do know DIDS. It is not a commercial product and is not generally
> available. It does an admirable job, but it is resource intensive (cpu
> cycles, disk space, and operator and analyst time). Even if it were
> available, it would not be a solution for very many sites.
How does one obtain it?
> However, Philippe Langlois
> mentioned one developed in France. Perhaps he could summarize this
> product for our edification??
IDERS is a product (under permanent improvement) which collects data from
numerous probes at various subsystems (network, file system, process use,
commands, data contained in files...). The probes report data to a central
program which tries to make clear and understandable reports.
It tries to detect fuzzy attacks (which are not often detected with
normal tools).
IDERS is a commercial _service_; it's not sold but installed for our clients
as a tool for our security service.
PhiL.
--
Philippe Langlois
INTRINsec - Securite informatique
Philippe.Langlois@INTRINsec.com - http://www.INTRINsec.com