IDS mailing list archives
RE: Evaluation/Reviews of COTS and GOTS products (open source too)
From: "Lodin, Steven {DI~Basel Dia}" <STEVEN.LODIN () Roche COM>
Date: Mon, 04 Aug 2003 20:30:38 +0200
Check out this document from NIST. NIST IR 7007 "An Overview of Issues in Testing Intrusion Detection Systems", June 2003 http://csrc.nist.gov/publications/nistir/nistir-7007.pdf They compare a bunch of different evaluations. Here is a text cut from the PDF listing them... MITRE 1997 UC Davis 1997 MIT/LL 1998 MIT/LL 1999 AFRL 1998 Neohapsis 2001 NSS 2001 Network World 2001 If you are looking for a way to perform your own evaluation, I wrote this document in 1998. http://www.cis.udel.edu/~zhi/www.docshow.net/ids/IDS_Prod_Eval_Criteria. zip This page from Deborah Frinke at U of Idaho CS is pretty good. It http://www.cis.udel.edu/~zhi/www.docshow.net/ids.htm Good luck! Steve
I am looking for reviews/evaluations of commercial, government, and open-source Intrusion Detection Systems (and Vulnerability Scanners too, if these reviews exist). So far, I have the following sources: - Evaluation by NSS (http://www.nss.co.uk) - Neohapsis OSEC - Network Computing's 2001 Study (which favored Dragon) - 2002 Information Security Excellence Winners - Various reviews by SC Magazine in the "testcenter" section I am looking for more, if they exist. And, I do realize that these evaluations might not be that great (I have to take them with a grain of salt), but I still would like to read them.
--------------------------------------------------------------------------- Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.captusnetworks.com/ads/31.htm ---------------------------------------------------------------------------
Current thread:
- RE: Evaluation/Reviews of COTS and GOTS products (open source too) Lodin, Steven {DI~Basel Dia} (Aug 05)
- <Possible follow-ups>
- RE: Evaluation/Reviews of COTS and GOTS products (open source too) Lodin, Steven {DI~Basel Dia} (Aug 06)