Chapter 4. Planning for the Snort Installation

A recent magazine article reviewed all the major Intrusion Detection Systems. The test included IDSs from Cisco, Internet Security Systems, Intrusion, Lanscope, OneSecure, Network Flight Recorder, Recourse Technologies, and Snort. The testers connected the IDSs to nine T1 Internet connections. Within hours, every one of the tested IDSs had crashed and burned. All the IDSs had filled up their respective intrusion databases, dropped significant numbers of packets, and crashed. No private IDS DoS attack was used against them—just normal high-bandwidth Internet traffic. The author of the article summarily dismissed IDSs as an immature, ineffective technology and created quite a stir in the IDS community.
