[ Thanks to Elliot Turner for this link. ]
“An article titled “Some thoughts on (network) intrusion
detection systems” was recently posted to SecurityPortal.com, in a
weekly column called “Kurt’s Closet”. This article, written by Kurt
Seifried (a security analyst and author of the “Linux
Administrators Security Guide”), discusses several possible flaws in
NIDS (Network Intrusion Detection) technology, and mentions
possible solutions. While this article makes some interesting
points, I believe that many of the statements made may incorrectly
represent the current state of NIDS technology. Having been
heavily involved in NIDS development for the past four years, I
become concerned when statements are made that may result in public
misconception. Because of this, I have written a few short comments
on the points that Mr. Seifried covers in his column.”