IDS is dead (at least, according to Gartner)

by Anton Chuvakin

Related link: http://www.gartner.com/5_about/press_releases/pr11june2003c.jsp



By now, everybody have heard that a well-known analyst firm, Gartner, has proclaimed that Intrusion Detection technology is a failure and will be gone before 2005. To have a good laugh, read the original press release at the above link. An enlightening discussion of the announcement and related issues with IDS technology arose on the focus-ids mailing list. See this link for a
full discussion

2 Comments

anonymous2
2003-06-26 07:34:37
IDS -> Firewalls
I've been running an open-source IDS on my home system for a long time - it's taken countless hits, and since I connected to ADSL has proved absolutely invaluable. So many hits that I developed database logging to help me perform detailed analysis.


My only regret is that the authors sold out to Cisco (they make firewalls don't they?) who promptly "removed" the package from distribution. I have to assume that they incorporated this excellent piece of software into their own hardware - no-one from Cisco has bothered to reply to my email. So, you can guess who I won't be buying from when the time comes to buy a hardware firewall !

anton_chuvakin
2003-06-26 13:09:08
IDS -> Firewalls
You are talking about portsentry? Check this out to see what its author says about Cisco acquisition. And, the tools are still available as well, you just have to know where to look.