Rate the Intrusion Detection Systems?

Posted by Cliff on Wednesday December 5, 2001 @07:23AM from the watch-out-for-the-rabid-digital-guard-dog dept.

Swannie asks: "The company I'm working for is looking into Intrusion Detection Systems. I was curious on how good/bad/ugly/cute/cuddly LIDS (Linux Intrusion Detection System) is when compared to other, commercial, systems like Cisco's NetRanger, etc. I'd be interested in information from my fellow geeks that have deployed LIDS in real world situations, as well as anyone that has switched to LIDS from a commercial solution, or vice-versa. Hopefully if I have some ammunition to go to the powers that be, I'll be able to utilize an open-source (and less expensive) Linux solution instead of a more expensive commercial one." Are there any other options out there which can be added to this comparison? In an odd bit of synchronicity, this article popped up before press time, which offers up another possible answer, in the form of Snort.

3 of 14 comments (clear)

Min score:

Reason:

Sort:

fp! by Anonymous Coward · 2001-12-05 07:28 · Score: -1, Offtopic

of course with random numbers you can never tell.
A great intrusion/honeypot system by Anonymous Coward · 2001-12-05 16:33 · Score: -1, Offtopic

I've really found this one effective, though it is fairly resource intensive: It can really obsolete some of your hardware.
Clarification: Product 6663 by Anonymous Coward · 2001-12-05 16:36 · Score: -1, Offtopic

SKU #6663 is probably the most effective, although I'm sure that there are people who would swear by the others.