OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: IDS: IDS Comparison
From: Paul_J_Bielefeldtnotes.tcs.treas.gov
Date: Thu Mar 02 2000 - 14:18:40 CST

FAQ: See http://www.ticm.com/kb/faq/idsfaq.html
IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owneruow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
USUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
--------------------------------------------------------------------------- 

---
Of those two products, Real Secure is the better (and cheaper).  NetRanger
detects only 111 signatures, which is way below the average (200-300) of most
IDS.  Real Secure is one of the leaders in this area with over 400 signatures.
NetRanger leaves sessions in cleartext between its network sensors and
management consoles; whereas, Real Secure doesn't.

Niether product, however, performs packet fragment reassembly, which will allow
a slightly more sophistictated hacker to bypass them.  Also, neither product
allows you to create your own signature (though both vendors will claim
differently).  For that reason, I would recommend other products such as Network
Flight Recorder or Dragon that has these added features.  They both have over
400 signatures as well.  They might be a little more difficult to use; however,
than Real Secure.

-Paul-

Hi,

Our company would like to purchase an intrusion detection system.
We don't know which one to choose Netranger or ISS Real Secure.
Can somebody help us to make a comparison between these two products ?

Thanks.
Sirine Tlili