Firewall Wizards mailing list archives
Re: future of IDS
From: Dex Wycoff <dex () yahoo com>
Date: Fri, 16 Oct 1998 21:13:52 -0700 (PDT)
With the likelihood that more and more hubs are going to disappear and be replaced by switches, where does that leave the humble IDS that can no longer see all the traffic it needs to, to do its job?
THe IDS folks have been aware of this pending problem for a while. The basic approaches are (1) use an explicit tap on the switch, (2) build the IDS into the switch (or get the switch to cooperate with the IDS), (3) get the end hosts to chip in and function as IDS sensors. Vern
Luckily, IDS does not have a steadfast definition that can be cornered by this problem. The current market of N-IDS (Network) products are iffected by this problem but as Mr. Paxson outlines in #3, smart nodes are a solution. Most big name N-IDS products are just security aware sniffers and will thus have to piggy back on the switch. The question that I keep running around is the viability of smart nodes. From what I understand, users of the @Home service are given a cable box which provides connectivity and security. If the user so chooses, the security resctrictions enforced on the box can be changed securely and with ease. The "it will never work because ... " arguments seem big but I just can't help looking at the blue sky. _________________________________________________________ DO YOU YAHOO!? Get your free @yahoo.com address at http://mail.yahoo.com
Current thread:
- Re: future of IDS, (continued)
- Re: future of IDS Stephen P. Gibbons (Oct 19)
- Re: future of IDS Crispin Cowan (Oct 23)
- Re: future of IDS Stephen P. Gibbons (Oct 23)
- Re: future of IDS Stephen P. Gibbons (Oct 19)
- Re: future of IDS Darren Reed (Oct 19)
- Re: future of IDS Doug Hughes (Oct 23)
- Re: future of IDS Darren Reed (Oct 28)
- Re: future of IDS Doug Hughes (Oct 28)
- RFC blitzkreig server dreamwvr (Oct 23)
- Re: future of IDS Owen O'Connor (Oct 23)
- Re: future of IDS David Lang (Oct 23)
- Re: future of IDS Ken Hardy (Oct 27)
- Re: future of IDS Darren Reed (Oct 23)
- Re: future of IDS Doug Hughes (Oct 23)