Comment Re:Car Alarms (Score 1) 215
This comparison is not fair and not even close. First of all an IDS is a tool. It is a tool to be used by experienced people. Would you hire someone to maintain your Cisco network that had never maintained a CIsco router? How about someone to manage your firewall who didn't know firewalls.
False alerts are usually not really false alerts. If an attack or a probe does not succeed I stil want to know that the attack took place. It identifies *intent*.
In many cases the rest of the false alerts that are just calling out network activites can be tuned out. If you dont know how to do that then learn :)
The idea that an IDS makes the decision that something is interesting or not is a scary proposition and all it will do is lead to more insecurity.
Bite the bullet and hire someone for their *expertise* and *skill* and stop looking for pipe dreams of a security system that will tell your non-technical people you are in trouble...
False alerts are usually not really false alerts. If an attack or a probe does not succeed I stil want to know that the attack took place. It identifies *intent*.
In many cases the rest of the false alerts that are just calling out network activites can be tuned out. If you dont know how to do that then learn
The idea that an IDS makes the decision that something is interesting or not is a scary proposition and all it will do is lead to more insecurity.
Bite the bullet and hire someone for their *expertise* and *skill* and stop looking for pipe dreams of a security system that will tell your non-technical people you are in trouble...
