[257] in Intrusion Detection Systems
Re: Ids evaluation
daemon@ATHENA.MIT.EDU (Mark_W_Loveless@smtp.bnr.com)
Mon Jun 12 14:03:36 1995
From: Mark_W_Loveless@smtp.bnr.com
Date: Fri, 09 Jun 95 22:43:44 CST
To: ids@uow.edu.au
Reply-To: ids@uow.edu.au
Brian - I'd start with my (latest) favorite book, Internet Firewalls
and Network Security, from your local nerd bookstore. It covers some
stuff like defining a security policy to configuring firewalls. It
also has a list of sources you can go to. I'd recommend a system that
at least tries to catch an intruder instead of just detecting one.
Sidewinder by (I can't remember, someone jump in here) comes to mind;
I've heard good things about it.
- Mark_W_Loveless@smtp.bnr.com
______________________________ Reply Separator _________________________________
Subject: Ids evaluation
Author: ids@uow.edu.au at internet
Date: 6/7/95 3:46 PM
I want to buy and install an intrusion detection system. Our purchasing
department is telling me that I have to provide a list of specifications for an
intrusion detection system that can be used to evaluate the features of
competing products. Given the little I know of the different approaches that
IDS systems use, this seems a difficult task. From time to time I have been
surprised by the high levels of ability of people posting on this list and I
think that some of them must have been through this evaluation process before.
Can anyone e-mail me a starting point for evaluation specifications please, or
point me to a good source?
Brian Smith, DOS Dummy