Security Basics mailing list archives
Re: Checkpoint smart defance as IPS
From: Demith Samaraweera <demith () millenniumit com>
Date: Fri, 28 May 2010 22:52:31 +0530
Hi MarcoSmartDefense is a average level IPS but I must say it is not the best IPS around. Chekcpoints recent improvements to SmartDefense called IPS1 is better. But for your concerns if the users use SSL only few IPSs around who can intercept SSL is useful (Like McAfee) will work. I have worked with many IPS products and all depends the user who manages the IPS because fine tuning is the best. But then again McAfee, TippoingPoint and SourceFire are all good
On 5/28/2010 2:20 AM, mzcohen2682 () aim com wrote:
Hi list friends !!!I did a pentest for a client's web site and found many holes most of them because of Sql injection which can be fixed with a good practice of input validation. I also recommended installing an IPS. the client has checkpoint smart defance module installed on his FW but I guess that this module is not enough because 1. one cant write signatures 2. the clients uses SSL on his web site so the IPS cant see the attack. AM I WRONG?? I think that the client needs to buy a real IPS which can also open the encrypted traffic.which IPS you recommend for doing the task? thanks a lot, Marco ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital CertificateIn this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1------------------------------------------------------------------------
******************************************************************************************************************************************************************* "The information contained in this email including in any attachment is confidential and is meant to be read only by the person to whom it is addressed. If you are not the intended recipient(s), you are prohibited from printing, forwarding, saving or copying this email. If you have received this e-mail in error, please immediately notify the sender and delete this e-mail and its attachments from your computer." ******************************************************************************************************************************************************************* ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Checkpoint smart defance as IPS, (continued)
- Re: Checkpoint smart defance as IPS Laurens Vets (May 28)
- Re: Checkpoint smart defance as IPS mzcohen2682 (May 28)
- Re: Checkpoint smart defance as IPS Laurens Vets (May 28)
- Re: Checkpoint smart defance as IPS Trevor Alexander (May 28)
- RE: Checkpoint smart defance as IPS Bretten, Andrew P (May 28)
- RE: Checkpoint smart defance as IPS Craig S. Wright (May 31)
- Re: Checkpoint smart defance as IPS Trevor Alexander (May 31)
- RE: Checkpoint smart defance as IPS Craig S. Wright (May 31)
- RE: Checkpoint smart defance as IPS Craig S. Wright (May 31)
- Re: Checkpoint smart defance as IPS mzcohen2682 (May 28)
- Re: Checkpoint smart defance as IPS Laurens Vets (May 28)