An Introduction to Intrusion Detection Systems - http://www.intrusion-detection-system-group.co.uk
Detailed introductory guide to intrusion detection systems, both host and network-based. The Dragon IDS Suite is used to demonstrate usage principles. |
IDS Evasion Techniques (Security Focus) - http://www.securityfocus.com/infocus/1577
Explanations of basic IDS evasion techniques as well as suggested fixes and countermeasures to such attacks. Topics covered include basic string-matching weaknesses, polymorphic shell code, session splicing, fragmentation attacks, and denial of service attacks. |
Intrusion Detection FAQ - http://www.sans.org/resources/idfaq/
Frequently asked questions about intrusion detection, from the SANS Institute. |
Network-based intrusion-detection systems - http://www.networkworld.com/techinsider/2002/0624security.html
IDS coverage from Network World, including an in-depth review of eight IDS products, tips for deployment and false alarm reduction, terminology glossary, and related news stories. |
Raffael Marty: Intrusion Detection Resources - http://security.raffy.ch/Intrusion_Detection.php3
A good overall collection of IDS resources including links to log analysis, honeypot, and other useful tools. Also includes information regarding the THOR and Odin IDS projects. |