IDS mailing list archives

RE: IDS for DataBase Systems.

From: Greg Shipley <gshipley () neohapsis com>
Date: Mon, 18 Nov 2002 15:59:06 -0600 (CST)


You'll want to do some more digging on this, but I was talking to the
Entercept folks a few weeks ago and I believe they just announced a
host-based database "intrusion prevention" type product.  As in, something
that is SPECIFICALLY designed for DBs.

In fact, in briefly cruising their site, this looks to be it:
http://www.entercept.com/products/dbe/

In theory (I have not done this or checked it out...yet) one could tie the
alert output of such a solution to some type of correlation system, and
effectively have a "database IDS."

Might take some initial heavy lifting, but could be cool...assuming
Entercept's solution works, and you can get your sysadmins and DBAs to buy
into it.

Hope this helps,

-Greg

Current thread:

RE: IDS for DataBase Systems. Galappatti, Kishantha (Nov 14)
- <Possible follow-ups>
- RE: IDS for DataBase Systems. Kohlenberg, Toby (Nov 16)
  - RE: IDS for DataBase Systems. Greg Shipley (Nov 19)
- RE: IDS for DataBase Systems. Ralph Los (Nov 16)
- RE: IDS for DataBase Systems. Lanzilotta, Chris S. (MBS) (Nov 17)
- RE: IDS for DataBase Systems. Ross, Alan D (Nov 17)
- RE: IDS for DataBase Systems. Ken Smith (Nov 21)