IDS mailing list archives
RE: Email reputation for inout to IDSs?
From: "Hellman, Matthew" <Hellman.Matthew () principal com>
Date: Wed, 26 Nov 2008 13:18:00 -0600
This is just a wag, but I suspect that Cisco will most likely use this to change (e.g. increase) the risk rating of an alert. Personally, I'm not sure how sensible it would be to do much more than that.
-----Original Message----- From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com]
On Behalf Of Gautam Singaraju Sent: Saturday, November 22, 2008 7:22 PM To: focus-ids () securityfocus com Subject: Email reputation for inout to IDSs? All, I have been working in email reputation system that has computed sender reputations for over an year. I believe that there are couple of efforts to incorporate email reputations into IDSs. Is someone in the group working on this? Are there any IDSs which can be configured to perform extensive analysis for non-reputable senders? I would be interested in sharing this data with other researchers in the group. --- Gautam ----------------------------------------------------------------------
--
Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campa
ign=
intro_sfw to learn more. ----------------------------------------------------------------------
-- -----Message Disclaimer----- This e-mail message is intended only for the use of the individual or entity to which it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended recipient, any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by reply email to Connect () principal com and delete or destroy all copies of the original message and attachments thereto. Email sent to or from the Principal Financial Group or any of its member companies may be retained as required by law or regulation. Nothing in this message is intended to constitute an Electronic signature for purposes of the Uniform Electronic Transactions Act (UETA) or the Electronic Signatures in Global and National Commerce Act ("E-Sign") unless a specific statement to the contrary is included in this message. While this communication may be used to promote or market a transaction or an idea that is discussed in the publication, it is intended to provide general information about the subject matter covered and is provided with the understanding that The Principal is not rendering legal, accounting, or tax advice. It is not a marketed opinion and may not be used to avoid penalties under the Internal Revenue Code. You should consult with appropriate counsel or other advisors on all matters pertaining to legal, tax, or accounting obligations and requirements. ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- RE: Email reputation for inout to IDSs? Hellman, Matthew (Dec 01)