IDS experience's
Brandon Knicely
bknicely at nyc.rr.com
Fri May 31 18:28:56 UTC 2002
IDS's have been around awhile but recently became interested in their
usefulness. I was wondering if I could get some group feedback on the
following:
1. How many folks have actually deployed either a NID, NNID or HID system?
2. Have they been useful or just generated noise and excess cycles? (1 -
waste of time, 10 - water walker)
3. Any 'real-world' comparative/useful data and/or opinion on different
approaches...ie pattern matching, anomoly detection and/or data mining
approaches?
4. Any feedback on Snort, ISS, Cisco or Symantec? Or other newer/different
approaches ie Okena?
5. Other general good information, ie issues, gripes, etc.?
I would appreciate any help, feel free to contact direct or list and will
summarize.
thanks,
Brandon
More information about the NANOG
mailing list