Dailydave mailing list archives
Re: lots of monkeys staring at a screen....security?
From: Dave Aitel <dave () immunityinc com>
Date: Fri, 27 Oct 2006 10:30:24 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Making IDS part of a defense in depth strategy is giving it some credit for actually providing defense, which it doesn't do. The people who win the IDS game are the people who spend the least money on it. This is why security outsourcing makes money - it's just as worthless as maintaining the IDS yourself, but it costs less. Likewise, Snort is a great IDS solution because it does nothing but it does it cheaper. The technology curve is towards complex, encrypted, asynchronous protocols. The further into time you look, the worse the chances are that sniffing traffic is an answer to anything. The market is slowly realizing this technology's time has past, but in the meantime lots of people are making giant bus-loads of cash. Good for them. But IDS technology isn't relevant to a security discussion in this day and age and it's not going to be anytime soon. imho, - -dave Kevin Johnson wrote:
On Oct 26, 2006, at 8:09 AM, Dave Aitel wrote:My feeling is that IDS is 1980's technology and doesn't work anymore. This makes Sourcefire and Counterpane valuable because they let people fill the checkbox at the lowest possible cost, but if it's free for all IBM customers to throw an IDS in the mix then the price of that checkbox is going to get driven down as well.I think that you are throwing away a technology because of the fact it doesn't live up to the hype the sales monkeys have spewed. While I will agree that IDS' are not the end all be all, they do provide a very important layer within the defense in depth strategy. Yes you can evade them, and yes most companies want to just plug them in and forget about them, but that doesn't make the idea wrong. I am a little biased, <grin> Kevin --------------------- GCIA, GCIH BASE Project Lead http://base.secureideas.net The next step in IDS analysis! ---------------------------------------------------------------------- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFQhgAB8JNm+PA+iURAggDAJkBuqRFl9ReViS4NVz2gk+HivecrACg7NhQ PaCvkRruIvjW40CT7P5XzBo= =+Aba -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- lots of monkeys staring at a screen....security? Dave Aitel (Oct 26)
- Re: lots of monkeys staring at a screen....security? Dave Korn (Oct 26)
- Re: lots of monkeys staring at a screen....security? Joanna Rutkowska (Oct 27)
- Re: lots of monkeys staring at a screen....security? Gadi Evron (Oct 27)
- Re: lots of monkeys staring at a screen....security? Joanna Rutkowska (Oct 27)
- Re: lots of monkeys staring at a screen....security? Blue Boar (Oct 26)
- Re: lots of monkeys staring at a screen....security? Jamie Riden (Oct 26)
- Re: lots of monkeys staring at a screen....security? Kevin Johnson (Oct 27)
- Re: lots of monkeys staring at a screen....security? Dave Aitel (Oct 27)
- Re: lots of monkeys staring at a screen....security? Halvar Flake (Oct 27)
- Re: lots of monkeys staring at a screen....security? Thomas Ptacek (Oct 27)
- Re: lots of monkeys staring at a screen....security? Matt Beaumont (Oct 27)
- Re: lots of monkeys staring at a screen....security? Dave Aitel (Oct 28)
- Re: lots of monkeys staring at a screen....security? Ron Gula (Oct 28)
- Re: lots of monkeys staring at a screen....security? liquidfish (Oct 27)
- Re: lots of monkeys staring at a screen....security? Gadi Evron (Oct 28)
- Re: lots of monkeys staring at a screen....security? Thomas Ptacek (Oct 29)
- Re: lots of monkeys staring at a screen....security? Gadi Evron (Oct 29)
- Re: lots of monkeys staring at a screen....security? David Maynor (Oct 29)
- Re: lots of monkeys staring at a screen....security? Dave Aitel (Oct 27)
- Re: lots of monkeys staring at a screen....security? Dave Korn (Oct 26)