Re: Help!I'm being DoS'ed by our own stupid SIM!!

["Francois Yang" <francois.y () gmail com>]

Looks like your CIO didn't do his/her homework. :)
sometimes the best and most expensive solution is not the best for
your environment. just my two cents...


On 6/19/07, scott <redhowlingwolves () bellsouth net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Our CIO insists on using this app...   ArcSight's Threat Response
> Manager is causing WAY more headaches then security.I don't have time to
> do what I should be doing,because this BEAST thinks normal network
> activity is hostile!
>
> A weapon in one hand or a turd in the other,the way I see it!
>
> Rant over!
>
> Please DO NOT let anyone talk you into trying this.It finds so many
> false positives,it will throttle your bandwidth to a point where it is
> unusable!
>
> I know ArcSight will get mad about this post,but truth be told"Get a
> Grip,PLEASE"!
>
> Help,not hurt your fellow bro's here!
>
> Anyway,Hope this helps,
>     Scott
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFGd2ekelSgjADJQKsRAgMOAKCyw/18sPiu/48oxPLN2snMJFE4nACaAgps
> YNviYot5xdv6SZzYEHYEGC0=
> =cg1S
> -----END PGP SIGNATURE-----


--
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked. — White House Cybersecurity
Advisor, Richard Clarke