IDS mailing list archives

Re: IDS is dead, etc

From: "M. Dodge Mumford" <dodge () dmumford com>
Date: Wed, 6 Aug 2003 15:51:55 -0400

Paul Schmehl said:

This brings up what I guess is a philosophical question.  Why would you 
want to know about Nimda attacks against your servers?  If you're properly 
secured, they won't have any effect.  And if you're not, you'll know about 
them soon enough.


I speak for myself, not my employer, NFR.

All of Bennett Todd's points are correct, but I would add one more: The
folks who test NIDS have a field day when you don't detect the stupid,
common stuff. Disabling the checks for issues you don't care about is key
for any successfuly NIDS deployment.

-- 

Dodge

Attachment: _bin
Description:

Current thread:

Re: IDS is dead, etc Burak DAYIOGLU (Aug 05)
- Re: IDS is dead, etc Martin Roesch (Aug 05)
- Re: IDS is dead, etc David W. Goodrum (Aug 05)
  - Re: IDS is dead, etc Paul Schmehl (Aug 06)
    - Re: IDS is dead, etc Bennett Todd (Aug 06)
    - Re: IDS is dead, etc maz (Aug 07)
    - Re: IDS is dead, etc M. Dodge Mumford (Aug 07)
- <Possible follow-ups>
- RE: IDS is dead, etc Tom Arseneault (Aug 06)
  - RE: IDS is dead, etc Mark Tinberg (Aug 07)
- RE: IDS is dead, etc Tom Arseneault (Aug 07)
  - Re: IDS is dead, etc Sebastian Schneider (Aug 07)
  - Re: IDS is dead, etc Barry Fitzgerald (Aug 07)
    - Re: IDS is dead, etc Bennett Todd (Aug 08)
    - Re: IDS is dead, etc Sam f. Stover (Aug 11)
    - Re: IDS is dead, etc Scott Wimer (Aug 11)
    - Re: IDS is dead, etc Bennett Todd (Aug 11)
    - Re: IDS is dead, etc Scott Wimer (Aug 11)

(Thread continues...)