IDS mailing list archives
Re: Solaris 10 x86 HIDS
From: Santiago Barahona <sant-bar () dsv su se>
Date: Thu, 29 Mar 2007 07:49:25 +0200
On 23 Mar 07, at 11:31, Stefano Zanero wrote: Nomellames nunca wrote:
HIDS are different than NIDS.
Quite different.
NIDS cannot defend against insider attacks, for example.
This is not true. It may be true that currently available NIDS, deployed as they are currently deployed, cannot. But it's not a distinctive feature of HIDS against NIDS in general. >Maybe Nomellames nunca was referring "insider" to users in the system who try perform unauthorised actions whilst logged in. Not via a network connection. Besides this, Stefano is right, having an internal NIDS can be of help to detect/defend insider attacks and if the proper technology is used, also misuse/abuse of resources.
cheers (viva la birra Moretti!) ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
------------------------------------------------------------------------
Current thread:
- Fwd: Solaris 10 x86 HIDS kevin fielder (Mar 14)
- Re: Fwd: Solaris 10 x86 HIDS tim_holman (Mar 15)
- Message not available
- Re: Fwd: Solaris 10 x86 HIDS Nomellames nunca (Mar 19)
- Re: Fwd: Solaris 10 x86 HIDS Stefano Zanero (Mar 26)
- Re: Solaris 10 x86 HIDS Santiago Barahona (Mar 29)
- Re: Fwd: Solaris 10 x86 HIDS Nomellames nunca (Mar 19)