RE: Re : Market Segmentation of IDS

["Kohlenberg, Toby" <toby.kohlenberg () intel com>]

Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owner () uow edu au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au
-----------------------------------------------------------------------------
Most of the host-based products attempt to do more than just
block ports- ZoneAlarm, BlackICE, Sphinx; they all at the very
least _claim_ to provide IDS functionality. I think they are
appropriate topics, perhaps not worth lots of time, but in need
of discussion.

Toby

---------------------------------------------------
Toby Kohlenberg, CISSP
Intel Corporate Information Security
STAT Team
Information Security Specialist 
toby.kohlenberg () intel com
503-264-9783  Office & Voicemail
877-497-1696  Pager
"Just because you're paranoid, doesn't mean they're not after you!"

PGP Fingerprint:
92E2 E2FC BB8B 98CD 88FA  01A1 6E09 B5BA 9E84 9E70

Disclaimer: This email transmission and any files that accompany it may
contain extremely
sensitive information belonging to the Sender and/or Intel Corporation.
The information is intended only for the use of the individual or entity
named. If you are not the
intended recipient, you are hereby notified that any disclosure, copying,
distribution, or the
taking of any action in reliance on the contents of  this information is
strictly prohibited.
----------------------------------------------------




> -----Original Message-----
> From: Mark Renfer [mailto:mri () netsec ch]
> Sent: Tuesday, September 19, 2000 5:13 AM
> To: ids () uow edu au
> Subject: IDS: Re : Market Segmentation of IDS
>
>
> Archive: http://msgs.securepoint.com/ids
> FAQ: http://www.ticm.com/kb/faq/idsfaq.html
> IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
> HELP: Having problems... email questions to ids-owner () uow edu au
> NOTE: Remove this section from reply msgs otherwise the msg 
> will bounce.
> SPAM: DO NOT send unsolicted mail to this list.
> UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au
> --------------------------------------------------------------
> ---------------
> I don't think Personal Firewalls should be seen as IDS products
> since their main purpose is not intrusion detection. But honey pots
> definitely are an IDS category as outlined in the IDS FAQ. (see
> mailing list header) So let me add the product listing of this cat.:
>
> Honey Pots:
> Fred Cohen's Deception Toolkit (www.all.net/dtk)
> Netsec SPECTER (www.specter.com)
> NAI CyperCop Sting (www.nai.com)