[Snort-devel] IDS paper on snort.org

Detmar Liesen counter.spy at ...578...
Thu Aug 8 09:24:03 EDT 2002

Hi folks,
I have written a paper "Requirements for Enterprise-Wide Scaling Intrusion
some weeks ago, which is now available for download on snort.org.

The idea was to compile relevant criteria for scalable IDSs, regarding
corellation, security, etc.

The paper is mainly based on my personal experience with Snort, Enterasys
Dragon 5.2 and ISS RealSecure 6.5. but also on discussions with various people
on the mailinglists (snort lists, the dragon list, issforum,
focus-ids at ...1532... etc) and offline discussions with other professionals.

My aim is to maintain an up-to-date sort of wish-list for the IDS community
and to learn from your feedback (I am still kind of new, since my IDS
experience is based solely on my diploma thesis so your feedback is very much
Your priorities may differ from my priorities, for various reasons.
Of course I've also been influenced by the needs of the company where I have
written my thesis.

Please direct your feedback, rants, flames and your credit-card number
directly at me. 
Hmmm,....you may skip the last point.

Have fun


GMX - Die Kommunikationsplattform im Internet.

More information about the Snort-devel mailing list