> From uunet!uow.edu.au!owner-ids Fri Jan 26 18:20 CST 1996 > Date: Thu, 25 Jan 1996 15:00:27 -0700 (MST) > From: Dave Bailey <uunet!gcsi.com!daveb> > To: uunet!uow.edu.au!ids > Subject: Re: Intro; Question > Mime-Version: 1.0 > > On Mon, 22 Jan 1996, Fred Cohen wrote: > > > At least two such systems are now in daily commercial and government use: > > > > DIDS and CMDS > > > > There are probably others as well. > > I don't know CMDS. Is that a commercial product? > > I do know DIDS. It is not a commercial product and is not generally > available. It does an admirable job, but it is resource intensive (cpu > cycles, disk space, and operator and analyst time). Even if it were > available, it would not be a solution for very many sites. You must know the University version of DIDS. This version was completely trashed and rewritten. The current version, as of 8 months ago, could monitor 200 machines and use less then 5% of the available network bandwith. The connection matching engine on the DIDS server would take ~20% of the one CPU's usage on a SPARC-20; the other CPU was being used by the Oracle database for logging history, generating reports, and User screens. Of course the could spike from time-to-time based on the number of connections occuring on the network. The system runs without operator intervention and will Email warnings to a user. The system will also take actions based on warning levels of a connection. It can be installed on a remote machine from the DIDS server. It uses an encrypted communication channel to the hosts for the transfer of information. It can tell you when it's proccesses are under attack. If it were available for commercial sites, it would sell like hot cakes! > > Stalker (an outgrowth of Haystack--specialized fot Sun systems) is the [ Cut, Cut, Cut... .] > > This, of course, was the point of my question. > > ---D > =============== David R. Kuykendall Email : david@lares.com LARES Technology, Inc. Phone : (210) 558-3422 4115 Goshen Pass Fax : (210) 691-8917 San Antonio, Tx 78230 Info : info@lares.com