Technology Insider: Network-based intrusion-detection systems

By David Newman, Joel Snyder and Rodney Thayer
Network World, 06/24/02

Network-based IDSs are designed to sit on your network, monitor traffic and send alarms whenever suspicious behavior occurs. Sounds like a fairly simple marching order, but our monthlong test of eight of these products show that setting up IDSs requires a substantial time investment to ensure they'll flag only suspicious traffic and leave everything else alone.

Crying wolf: False alarms hide attacks
Eight IDSs fail to impress during the monthlong test on a production network.

IDS glossary
If IDS terminology is alphabet soup to you, our glossary of IDS-specific tags will help in the translation.

Deployment tips
If you're considering installing an IDS product on our network, read our IDS deployment tips to help reduce the number of false positives - attacks that don't really exist - reported by your IDS.

See also:

Security breaking news
Keep up to date on the latest threats to your net.

Network World's Security and Bug Patch Alert newsletter
Get the latest information on security and bug alert announcements and fixes from major vendors.

Network World on Security newsletter
Stay current on security challenges and solutions, and get strategic insight into the future of information security.

Security research page
Get up to speed on security issues, including intrusion detection, hackers and other subjects.

Error 404--Not Found

From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1: 10.4.5 404 Not Found The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address.

Apply for your free subscription to Network World. Click here.

Request a reprint or permission to use this article.

To top

Send this article to a colleague

Please select a type of format for the email you want to send: TEXT HTML

Recipient's name: Recipient's e-mail:	Your name: Your e-mail:
Comments:

Feedback

Tell us your thoughts on this article or the issues raised in it. We'll cc: the author and editors on all comments.

Comments:

Name:
E-mail address:

Can we post your comments in an online forum on the topic?
Yes No

What did you think of this article?
Very useful Somewhat useful Not at all useful

Would you want to see:
More articles on this topic
Fewer articles on this topic

Thank you! When you click Submit, you'll be taken back to this article.