Hi, > On Mon, 22 Jan 1996, Fred Cohen wrote: > I do know DIDS. It is not a commercial product and is not generally > available. It does an admirable job, but it is resource intensive (cpu > cycles, disk space, and operator and analyst time). Even if it were > available, it would not be a solution for very many sites. How does one obtain it? > However, Phillipe Langlois > mentioned one developed in France. Perhaps he could summarize this > product for our edification?? IDERS is a product (under permanent improvement) which collects data from numerous probes at various subsystem (network, file system, process use, commands, data contained in files...). The probes report data to a central program which try to make clear and understandable reports. It tries to detect fuzzy attack which are not often detected with normal tools). IDERS is a commercial _service_, it's not sold but installed for our clients as a tool for our security service. PhiL. -- Philippe Langlois INTRINsec - Securite informatique Philippe.Langlois@INTRINsec.com - http://www.INTRINsec.com