IDS mailing list archives
IDS question
From: "Joubert Berger" <joubert () berger-family org>
Date: Tue, 2 Dec 2003 17:01:23 -0500
I got such a great response from you guys last time on my question about Tripwire competitors (Thanks everyone who responded -- it really helped), that I am going to ask some more questions and get people's opinions. Some of these questions might be very open-ended, but I am trying to get a feel for things. Any insight would be greatly appreciated. How much effort is required to tune and maintain your IDS configuration? What rate of false positives does your IDS produce? Are false positives problematic for you? What are the main categories of false positives that occur in your environment? What are the significant shortcomings (if any) that you experience with your IDS? No need to mention vendors if you are not comfortable. I am starting my evaluation of IDS and would like to know what kind of things to look for. Many thanks in advance. --joubert --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- IDS question Joubert Berger (Dec 02)
- <Possible follow-ups>
- RE: IDS question JAVIER OTERO (Dec 03)