RE: Evaluation/Reviews of COTS and GOTS products (open source too)

Check out this document from NIST.

NIST
IR 7007 "An Overview of Issues in Testing Intrusion Detection Systems", June 2003

http://csrc.nist.gov/publications/nistir/nistir-7007.pdf

They compare a bunch of different evaluations. Here is a text cut from the PDF listing them...

MITRE 1997
UC Davis 1997
MIT/LL 1998
MIT/LL 1999
AFRL 1998
Neohapsis 2001
NSS 2001
Network World 2001

If you are looking for a way to perform your own evaluation, I wrote this document in 1998.

http://www.cis.udel.edu/~zhi/www.docshow.net/ids/IDS_Prod_Eval_Criteria. zip

This page from Deborah Frinke at U of Idaho CS is pretty good.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

It
http://www.cis.udel.edu/~zhi/www.docshow.net/ids.htm

Good luck!

Steve

> I am looking for reviews/evaluations of commercial, government, and

• Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
• Automatically Control P2P, IM and Spam Traffic
• Ensure Reliable Performance of Mission Critical Applications Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.captusnetworks.com/ads/31.htm

  ---