IDS mailing list archives
RE: IDS and Spywares
From: vipul kumra <vikumar2 () yahoo com>
Date: Wed, 12 Oct 2005 03:41:22 -0700 (PDT)
Hi Dhruv, I agree with what you have said... but then there is no 100% fool proof method for detecting anything. As far as I've seen iPolicy Networks IDS protection is quite strong... :) Vipul Kumra Sr. Security Analyst -----Original Message----- From: Dhruv Soi [mailto:dhruv_ymca () yahoo com] Sent: Saturday, October 08, 2005 11:20 AM To: neelabhsharma1 () gmail com; focus-ids () securityfocus com Subject: Re: IDS and Spywares Yeah you are right. Spyware detection through any anti-spyware program would be stronger mechanism than detecting it through IDS. But installation or information upload attempt of spyware can be blocked by IDS. Blocking may be in terms of detecting the vulnerability exploit attempt using which spyware installation occurs. Like IE vulnerabilities (IE chm, Drag Drop etc etc), or it could be detecting unique CLSIDs of known Spyware programs. And there are many products (Tipping Point, iPolicy etc. etc.) which claim that they block Spyware in their IDS. But I don't believe that Network based Spyware detection is full proof protection for Spyware but still it helps to certain extend. Ciao Dhruv --- neelabhsharma1 () gmail com wrote:
Could anyone in the group name a few IDS which detect spywares. In my view spywares are to be detected by an antivirus system and not by a network device.
------------------------------------------------------------------------
Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
__________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ __________________________________ Yahoo! Music Unlimited Access over 1 million songs. Try it free. http://music.yahoo.com/unlimited/ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- RE: IDS and Spywares, (continued)
- RE: IDS and Spywares Desai, Deepen (Oct 11)
- Re: IDS and Spywares barcajax (Oct 11)
- Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor Jonathan Gauntt (Oct 12)
- Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor Tim Holman (Oct 14)
- Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor byte_jump (Oct 18)
- Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor Frank Knobbe (Oct 18)
- Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor Jason (Oct 18)
- Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor Jason Haar (Oct 18)
- Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor Joel Esler (Oct 19)
- Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor Teemu Schaabl (Oct 18)
- Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor Jonathan Gauntt (Oct 12)
- RE: IDS and Spywares vipul kumra (Oct 12)
- RE: IDS and Spywares Omar A. Herrera (Oct 13)
- RE: IDS and Spywares Matt Jonkman (Oct 14)
- RE: IDS and Spywares Omar A. Herrera (Oct 14)
- RE: IDS and Spywares Matt Jonkman (Oct 14)
- RE: IDS and Spywares Omar A. Herrera (Oct 14)
- RE: IDS and Spywares Frank Knobbe (Oct 18)
- RE: IDS and Spywares Omar Herrera (Oct 18)
- RE: IDS and Spywares Dhruv Soi (Oct 18)
- RE: IDS and Spywares Frank Knobbe (Oct 18)
- RE: IDS and Spywares Omar A. Herrera (Oct 18)
- RE: IDS and Spywares Omar A. Herrera (Oct 13)