IDS mailing list archives
Re: IDS Security Metris
From: Stefano Zanero <zanero () elet polimi it>
Date: Fri, 06 Apr 2007 10:32:10 +0200
sadly, in the real world, things don't often come in nice round numbers.
How true ! Assuming that "metr-ic" means "something that is quantifiable":
Offhand, I can think of false negative rate,
A good indicator. How would you quantify it ?
false positive rate,
Another good one ! How would you quantify it objectively ?
many Mbit/s it can keep up with,
Nice shot: on which types of traffic ?
cost
This is definitely easier ;)
and how many real attacks are covered in the ruleset.
Woah ! This is a very, very juicy and difficult one. How do you count those little buggers ?! Stefano ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- IDS Security Metris jlynnmonett (Apr 05)
- Re: IDS Security Metris Jamie Riden (Apr 05)
- Re: IDS Security Metris Stefano Zanero (Apr 09)
- Re: IDS Security Metris Jamie Riden (Apr 09)
- IDS/IPS evaluation (was Re: IDS Security Metris) Tremaine Lea (Apr 09)
- Re: IDS Security Metris Stefano Zanero (Apr 09)
- Re: IDS Security Metris Eric Hacker (Apr 05)
- Re: IDS Security Metris dpat (Apr 09)
- Re: IDS Security Metris tim_holman (Apr 10)
- Re: IDS Security Metris Jamie Riden (Apr 05)