funsec mailing list archives
RE: so, is I[dp]S a STUPID technology?
From: Paul Schmehl <pauls () utdallas edu>
Date: Thu, 13 Oct 2005 15:54:57 -0500
--On Thursday, October 13, 2005 11:09:24 +0100 Barrie Dempster <barrie () reboot-robot net> wrote:
The problem being that the machines are outwith the network administrator's control, they don't even belong to him or the network owners. It's more similar to an ISP/customer relationship than it is to a company/employee relationship. Therefore if the ISP wants to protect their network they have to make an effort to control the traffic from these machines. A .edu is one of the few cases I think I[P|D]S's are worth setting up. In a more controlled environment such as one where the network admin team has administrative control over all of the devices on the LAN then these technologies may not have the desired benefit.
Thanks for "getting it" *and* for explaining it so well.
I don't want to leave the wrong impression. We're not having huge problems with infections or break-ins - haven't for some time now. And I'm not really trying to bitch about our situation. It is what it is. I'm just sayin' - edu is a different beast and it takes different approaches to solving the problems.
Also, our network group, while they work closely with us and we all get along quite well (and have similar philosophies WRT security), has different priorities than we do in security. So, what we think might be the right approach, they can't implement due to manpower shortage or existing project priorities sometimes. So some things I'd love to do I simply can't because I don't have control of them.
I'd love to have control over every box on our network, but it ain't ever gonna happen. The sooner I accept that and start looking for solutions that work in my environment, the better off I am and the more secure my environment is. TP fit the bill quite well and has served us quite well.
Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/ir/security/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.