IDS mailing list archives
IDS & encryption
From: Aaron Cheek <aaron_cheek () yahoo com>
Date: Sun, 26 Oct 2003 03:48:07 -0800 (PST)
Hi, I was just wondering what (if any) have been the latest advances and general vendor approaches of IDS in terms of analyzing encrypted traffic. AFAIK, so far some common approaches have been: * Using HIDS to complement NIDS in encrypted traffic situations. * Placing the encryption keys in the IDS (any known products that do that??). * Using a "clear-text DMZ" between 2 VPN firewalls for VPN traffic. Any other approaches that I must know of? Can any of you point to interesting references in this direction? Thanks!! Aaron __________________________________ Do you Yahoo!? Exclusive Video Premiere - Britney Spears http://launch.yahoo.com/promos/britneyspears/ --------------------------------------------------------------------------- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_focus-ids_031023 and use priority code SF4. ---------------------------------------------------------------------------
Current thread:
- IDS & encryption Aaron Cheek (Oct 27)