Intrusion Detection Related Information:

[note this is a bare scraping of what's out there, send me links if you think they should be added]
[Its been a whileapproximately forever since I've been able to spare cycles for these pages. As always corrections, additions, etc. are welcome]

IDS Papers

Some companies involved in Intrusion Detection:

  • Axent
  • Intrusion Detection Inc. - makers of the Kane systems, they are now owned by Security Dynamics.
  • ISS
  • Lucidian Technologies - well, it was. Lucidian is now dead
  • Network Associates
  • NETECT - makers of HackerShield - looks to me more like a security scanner than an IDS (as I perceive an IDS).
  • NFR
  • Hiverworld - Taking a look around again, I'm still not sure what they're product really is, so I'll quote them:

    A vulnerability-scanning engine that continuously moves through the network, Swarm locates and examines devices from all perspectives, identifying and assessing potential threats.

    Sounds to me even more like a vulnerability scanner, not an IDS. For awhile the stuff they had looked like a scanner that would feed (if you will) a network map to IDS engines. This is a pretty cool idea, it solves several of the 'which way should we process this packet' type problems for IDS engines, assuming the scanner can keep the IDS engines updated properly (a loaded phrase IMHO).

Unchecked (by me) links can be found here.

About this page:

I started this after a request on the IDS mailing list based at UOW in Australia (ask for help).
This page is currently woefully incomplete, it's meant to be a start so that we can build up a nice resource for people who are interested in intrusion detection.

Current plans for expansion:

  • Create separate sections for host-based and network-based intrusion detection.
  • Fill in those sections.
  • Fill out the list of companies who are involved in intrusion detection (no slights meant at this time, just picked a few off the top of my head, send me a note if you want me to add your company to the list).
  • Write (or have someone else write (hint, hint)) some actual content about intrusion detection.
  • Get a good FAQ here.
  • ...

Disclaimer: I used to work for Lucidian Technologies and have never been speaking for Lucidian with these pages. These pages are for anyone who is interested in intrusion detection.