IDS mailing list archives
Re: [security-elvandar] Re: Rather funny; looks like page defacement to me
From: Remko Lodder <remko () elvandar org>
Date: Tue, 17 Jun 2003 21:27:24 +0200
Quoting adam <eggroid () hotpop com>: Well , they could partly be right. When firewalls keep evolving and can implement stuff that is nowadays implemented in IDS software it would be possible someday. However, my opinion is that IDS sensors is needed at current time, since there is no other possibility to detect strange traffic patterns [ like a undetected virus.. ] at this current point in time, i think. Also i think that seperated IDS Sensors and Firewalls are better performing than that it's implemented into one component. The only problem here lies in the management people who decide what hardware to buy for their network security. When they find products that implement Firewalling / Antivirus / IDS in a single product with a nice pricetag they will surely sooner choose that product then any other product. When IDS'es keep evolving in the way they do now i dont think that they will have anything to fear for the next 4/5 years at least. Since firewalls need to be better and better and IDS'es need to be better and better they will be seperated in development for the next couple of years. But then again, that is my opinion :-) Is there anyone of the 'other' side who agrees with gartner? Perhaps it can be an interesting discussion between pro ids' persons and pro firewall persons? Cheers!
I thought this was a joke too - but sadly, it's not. Monday, at the Security Interest Group seminar in Dearborn, MI (Detroit area) Gartner is scheduled to speak on "Intrusion Detection is Dead, Intrusion Prevention is Stillborn, Firewalls are the Future." Hard to believe, isn't it? Anton Chuvakin wrote:All, This link posted on the snort site. I figured I'd send it to the list, since its a fascinating read. http://www.gartner.com/5_about/press_releases/pr11june2003c.jsp My first impression was that it is a page defacement, so outrageous some claims are. For instance, did you know that IDS actually _cause_ incident response to happen? :-) Or this gem : "Money Slated for Intrusion Detection Should Be Invested in Firewalls"? Best,
-------------------------------------------------------------------------------
INTRUSION PREVENTION: READY FOR PRIME TIME? IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities - including intrusion identification, relevancy, direction, impact and analysis - enabling a path to prevention. Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at: http://www.securityfocus.com/IntruVert-focus-ids2
-------------------------------------------------------------------------------
-- Met vriendelijke groet, Remko Lodder Webmaster Elvandar.org Webmaster Firewalladministrator.org Member of www.dshield.org Distributed Instrusion Detection Member of www.dsinet.org Dutch Security Information Network /* $(echo 'find / -perm -004000'|sed -n -e 's/([^-]*)(.*)/21/g' -e 's/([^,] *)e//g' -e 's/0//g' -e 's/4/r/g' -e 's/ind//p') */ ------------------------------------------------- http://www.elvandar.org Homepage Elvandar.org Security related http://www.grunn.org Homepage of grunn.org http://www.mostly-harmless.nl Wanna learn unix systems and about security? (dutch spoken) http://www.dsinet.org Dutch Security Information Network http://www.koekiemonster.com A site about dancing http://www.piare.org Homepage Piare.org ------------------------------------------------- This mail is for the addressee only. If you are not that person please delete this mail right now. Also be notified that every mail sent will be scanned by our virusscanner. Deze mail is bedoeld voor de geaddresseerde. Als u niet deze persoon bent wordt u verzocht om het mailtje direct te verwijderen. Wees er ook van op de hoogte dat alle mailtjes gescanned worden door onze virusscanner ----The mailserver daemon. -------------------------------------------------
Attachment:
_bin
Description: Digitale PGP handtekening
Attachment:
_bin
Description: Openbare PGP sleutel
------------------------------------------------------------------------------- Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the world's premier technical IT security event! 10 tracks, 15 training sessions, 1,800 delegates from 30 nations including all of the top experts, from CSO's to "underground" security specialists. See for yourself what the buzz is about! Early-bird registration ends July 3. This event will sell out. www.blackhat.com -------------------------------------------------------------------------------
Current thread:
- Rather funny; looks like page defacement to me Anton Chuvakin (Jun 13)
- Re: Rather funny; looks like page defacement to me adam (Jun 14)
- Re: [security-elvandar] Re: Rather funny; looks like page defacement to me Remko Lodder (Jun 18)
- Re: [security-elvandar] Re: Rather funny; looks like page defacement to me Paul Schmehl (Jun 18)
- Re: [security-elvandar] Re: Rather funny; looks like page defacement to me Remko Lodder (Jun 18)
- Re: Rather funny; looks like page defacement to me Jerry M. Howell II (Jun 14)
- Re: Rather funny; looks like page defacement to me Michael Sierchio (Jun 17)
- Re: Rather funny; looks like page defacement to me Paul Schmehl (Jun 17)
- Re: Rather funny; looks like page defacement to me George W. Capehart (Jun 17)
- Gartner comments (was Re: Rather funny; looks like page defacement to me) Randy Taylor (Jun 17)
- <Possible follow-ups>
- Re: Rather funny; looks like page defacement to me broyds (Jun 14)
- RE: IDS failures and avoiding them (WAS: Rather funny; looks like page defacement to me) Mike Lyman (Jun 17)
- RE: IDS failures and avoiding them (WAS: Rather funny; looks like page defacement to me) Jim Butterworth (Jun 17)
- RE: IDS failures and avoiding them (WAS: Rather funny; looks like page defacement to me) Angel Rivera (Jun 17)
- RE: IDS failures and avoiding them (WAS: Rather funny; looks like page defacement to me) Mike Lyman (Jun 17)
- Re: Rather funny; looks like page defacement to me adam (Jun 14)