[Snort-sigs] performance criteria

Jamie Riden jamie.riden at ...2420...
Mon May 16 16:27:46 EDT 2011


Yes, heaven forbid we should discuss IDS performance metrics on an IDS
sigs list.

On 16 May 2011 04:07, evilghost at ...3397... <evilghost at ...3397...> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> This question was also posed in a different form, via thread hi-jacking, on
> Emerging-Threats as well.  Obvious troll is obvious; do not respond.
>
> Jules you need to work on your troll-craft and I'm willing to offer up some
> after hour tutoring if you want to better hone your skills.
>
> Here is your scoring breakdown for this attempt:
>
> 1) Subtle controversial topic; +10 points
> 2) Thread hi-jacking a proposed signature ET thread; -5 points.
> 3) Dual-posting to both Snort-Sigs and ET; -5 points
> 4) Poorly structured question; -5 points
> 5) Weakly structured veiled question to incite conflict; -5 points.
>
> Total score: -5 points.  Feel free to follow up with me on tutoring.
>
>
>
> On 05/15/11 08:20, Jules Pagna Disso wrote:
>> hi,
>>
>> I know this is not directly related to rules but I think you would be the
>> best to help me with the criteria/parameters that need considering when
>> evaluating and IDS performance or when comparing two IDS.
>>
>> thanks,
>> Jules

-- 
Jamie Riden / jamie at ...3509... / jamie.riden at ...2420...
http://uk.linkedin.com/in/jamieriden




More information about the Snort-sigs mailing list