FAQ: See http://www.ticm.com/kb/faq/idsfaq.html IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html HELP: Having problems.. Then email questions to ids-owner@uow.edu.au NOTE: You MUST remove this line from reply messages as it will be filtered. SPAM: DO NOT send unsolicted mail to this list. USUB: email "unsubscribe ids" to majordomo@uow.edu.au --------------------------------------------------------------------------- My name is Gary Flynn and I hold a Security Engineer position at James Madison University. I'm investigating IDR products as part of my duties. One of the projects I'm working on part time is a mechanism to aid the campus population in assessing the vulnerabilities on their computers: http://www.jmu.edu/info-security/engineering/proj/idr/cvas.htm >Additionally you might >want to express some personal ideas that you have about what you >think an intrusion detection system should be. 1. Very configurable report formats. It should be possible to access the raw results and let the customer interpret them and produce a report based on the intended audience. 2. Very open in the ability of a customer to add vulnerability checks. 3. Very configurable as to what checks are made and to what degree (i.e. check for version, check for response, check for actual denial of service). 4. Web interface. 5. Very open in describing how the product actually checks vulnerabilities.