Re[2]: Question. (Was re:hacker's intro)

Parker, Robert (robpar@ccgate-ut.raxco.com)
Mon, 26 Feb 96 11:31:37 MDT

     In my experience, there are two types of detection systems, rule based
     and norm based.  Rule based are great because of the immediacy of the
     action.  A true if=>then scenario.  However it is impossible for you
     to roll enough rules to catch every scenario, so you need something
     that will establish a norm and then look for deviations.  An expert
     system would have to do both in order to be truly effective.

     At the risk of being flamed for spamming...you might try AXENT
     Technologies Intruder Alert.  I am the product manager for it and find
     it to be effective.

     You can call me at 801-227-3752 or write me directly at
     robpar@axent.com.

     Robert Parker

[Quoted Message Deleted - RuF]
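
The rule-based versus norm-based distinction drawn in the message above, as an added example that is not part of the original post and does not represent how Intruder Alert works. The login records, the thresholds and all function names are constructed assumptions; the third new event is one that no rule covers but that the learned norm catches.

```python
from statistics import mean, pstdev

# Constructed sample data: (user, login_hour, failed_attempts_before_success)
HISTORY = [
    ("alice", 9, 0), ("alice", 10, 1), ("alice", 9, 0), ("alice", 8, 0),
    ("alice", 10, 0), ("bob", 22, 0), ("bob", 23, 1), ("bob", 22, 0),
    ("bob", 21, 0), ("bob", 23, 0)]
NEW_EVENTS = [
    ("alice", 9, 0),    # ordinary
    ("alice", 10, 7),   # matches the hand-written rule
    ("alice", 3, 0),    # no rule covers this, but far from alice's norm
    ("bob", 22, 0),     # late at night, yet ordinary for bob
]

MAX_FAILURES = 5   # assumed rule threshold
Z_LIMIT = 3.0      # assumed deviation threshold, in standard deviations
MIN_STDEV = 1.0    # floor so a very regular user does not alert on small drift

def rule_check(event):
    """Rule based: a fixed if=>then test evaluated on the single event."""
    _, _, failures = event
    return failures >= MAX_FAILURES

def build_baseline(history):
    """Norm based, step 1: learn each user's usual login hour."""
    hours = {}
    for user, hour, _ in history:
        hours.setdefault(user, []).append(hour)
    return {u: (mean(h), max(pstdev(h), MIN_STDEV)) for u, h in hours.items()}

def norm_check(event, baseline):
    """Norm based, step 2: flag events far from that user's norm."""
    user, hour, _ = event
    if user not in baseline:
        return True  # no norm established yet: treat as a deviation
    mu, sigma = baseline[user]
    diff = abs(hour - mu)
    diff = min(diff, 24 - diff)  # hours wrap around midnight
    return diff / sigma > Z_LIMIT

def detect(events, history):
    """Run both detectors and report which one fired for each event."""
    baseline = build_baseline(history)
    return [(e, rule_check(e), norm_check(e, baseline)) for e in events]

if __name__ == "__main__":
    for event, by_rule, by_norm in detect(NEW_EVENTS, HISTORY):
        print(event, "rule" if by_rule else "-", "norm" if by_norm else "-")
```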