IDS mailing list archives
Re: IDS is dead, etc
From: "M. Dodge Mumford" <dodge () dmumford com>
Date: Wed, 6 Aug 2003 15:51:55 -0400
Paul Schmehl said:
This brings up what I guess is a philosophical question. Why would you want to know about Nimda attacks against your servers? If you're properly secured, they won't have any effect. And if you're not, you'll know about them soon enough.
I speak for myself, not my employer, NFR. All of Bennett Todd's points are correct, but I would add one more: The folks who test NIDS have a field day when you don't detect the stupid, common stuff. Disabling the checks for issues you don't care about is key for any successfuly NIDS deployment. -- Dodge
Attachment:
_bin
Description:
Current thread:
- Re: IDS is dead, etc Burak DAYIOGLU (Aug 05)
- Re: IDS is dead, etc Martin Roesch (Aug 05)
- Re: IDS is dead, etc David W. Goodrum (Aug 05)
- Re: IDS is dead, etc Paul Schmehl (Aug 06)
- Re: IDS is dead, etc Bennett Todd (Aug 06)
- Re: IDS is dead, etc maz (Aug 07)
- Re: IDS is dead, etc M. Dodge Mumford (Aug 07)
- Re: IDS is dead, etc Paul Schmehl (Aug 06)
- <Possible follow-ups>
- RE: IDS is dead, etc Tom Arseneault (Aug 06)
- RE: IDS is dead, etc Mark Tinberg (Aug 07)
- RE: IDS is dead, etc Tom Arseneault (Aug 07)
- Re: IDS is dead, etc Sebastian Schneider (Aug 07)
- Re: IDS is dead, etc Barry Fitzgerald (Aug 07)
- Re: IDS is dead, etc Bennett Todd (Aug 08)
- Re: IDS is dead, etc Sam f. Stover (Aug 11)
- Re: IDS is dead, etc Scott Wimer (Aug 11)
- Re: IDS is dead, etc Bennett Todd (Aug 11)
- Re: IDS is dead, etc Scott Wimer (Aug 11)