Firewall Wizards mailing list archives
Re: Intrusion Detection
From: "Paul D. Robertson" <proberts () clark net>
Date: Tue, 14 Apr 1998 14:06:43 -0400 (EDT)
On Tue, 14 Apr 1998, Marcus J. Ranum wrote:
There are really only 2 good reasons I can think of for ID systems: 1) To develop a threat level model as to how often you are attacked 2) To detect clueless people inside your organization who are attacking outside sites
3) To detect clueless people inside your organization, or with access to your facilities who are attacking your own systmems. 4) To trend traffic to detect possible tunnels through allowed protocols like HTTP or SSL. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () clark net which may have no basis whatsoever in fact." PSB#9280
Current thread:
- Intrusion Detection shantanu bhattacharya (Apr 14)
- Re: Intrusion Detection Marcus J. Ranum (Apr 14)
- Re: Intrusion Detection tqbf (Apr 14)
- Re: Intrusion Detection Adam Shostack (Apr 14)
- Re: Intrusion Detection Marcus J. Ranum (Apr 14)
- Re: Intrusion Detection Paul D. Robertson (Apr 14)
- Re: Intrusion Detection Adam Shostack (Apr 15)
- Re: Intrusion Detection Marcus J. Ranum (Apr 15)
- Re: Intrusion Detection Marcus J. Ranum (Apr 14)
- Re: Intrusion Detection Aleph One (Apr 14)
- Re: Intrusion Detection Marcus J. Ranum (Apr 14)
- Re: Intrusion Detection Aleph One (Apr 14)
- Re: Intrusion Detection Marcus J. Ranum (Apr 14)
- Re: Intrusion Detection Adam Shostack (Apr 15)
- Re: Intrusion Detection M. Dodge Mumford (Apr 14)
- Re: Intrusion Detection emaiwald (Apr 15)
- Re: Intrusion Detection Marcus J. Ranum (Apr 15)
- Re: Intrusion Detection Marcus J. Ranum (Apr 15)