Firewall Wizards mailing list archives
re:The value of detecting neutralized threats
From: Glenn Larsson <glenn.larsson () datortek vasteras se>
Date: Sun, 31 Jan 1999 18:51:34 +0100
Hi. I dont have much experience in the FW subject, bud i do have an idea. I think that multiple stage IDS should be a good thing to have: 1.. In front of the firewall(s) 2.. Behind the firewall(s) (or inside in the firewall chain?) 3.. Behind the internal protection (proxys etc) and a second network, capable of analysing this data should listen in on all 3 points, detecting "doorknocks", intrusions, stealth scans and internal problems etc etc... = a sort of security service network which only have one purpose: to analyse user traffic in tandem with the real network. If this could be done - many would feel safer ...or more paranoid 8-} How much CPU power, How many scan points? - I don't know, i live that to you guys and gals. Best regards, Glenn _________________________________________________ Please visit INSL @ http://194.23.169.99/
Current thread:
- re:The value of detecting neutralized threats Glenn Larsson (Feb 01)