Security Basics mailing list archives
Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS?
From: Kel <kellstr () gmail com>
Date: Thu, 28 May 2009 19:27:44 -0400
Most "attacks" are actually against web browsers and are usually like a booby trap. A piece of malicious code is inserted in a web site waiting for someone to trigger it. That payload may install a keystoke reader on that computer and now every password entered on that box goes back to the attacker. This isn't a server so you haven't installed HIDS. Personally, if I were going to attack a network I'd go after the printers first, establish my foothold there, and then work on the servers. On Tue, May 26, 2009 at 8:46 PM, Juan B <juanbabi () yahoo com> wrote:
HI, I am thinking that if the target of a hacker is always the server so why I need the NIDS ? I can monitor very well just the servers with some kind of HIDS like Ossec and I am done no? why should I care about the NIDS when I have a well configured HIDS on every server? thanks Juan ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
-- Laws alone cannot secure freedom of expression; in order that every man present his views without penalty there must be spirit of tolerance in the entire population. - Albert Einstein ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
Current thread:
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Kel (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Jeffrey Walton (Jun 01)
- <Possible follow-ups>
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Thrynn (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Francois Yang (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? evilwon12 (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Laurens Vets (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Aarón Mizrachi (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? lonervamp (Jun 01)
- RE: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Nick Vaernhoej (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? aditya mukadam (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Aarón Mizrachi (Jun 01)