IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IDS detection approaches

From: jean-philippe luiggi <jpl () didconcept com>
Date: Sat, 6 Oct 2007 09:43:19 -0400
Hello Franck,

On 5 Oct 2007 02:29:52 -0000
frankfrydrych () gmail com wrote:


Hola,

I would completely go with a signature based IDS. Anomaly based IDS
will not give you the greatest results. 


As of signature based IDS...
Let's imagine a so called "0-day", how could you get signature for
a thing that nobody saw ?
I don't say Anomaly based IDS are best, they're complementary
for precisely trying to find what the signature based do not see.


Best regards,

Jean-philippe.


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: