Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Getting more paranoid by the minute. :-/

From: "AJ Butcher, Information Systems and Computing" <Alex.Butcher () bristol ac uk>
Date: Mon, 26 Apr 2004 09:59:09 +0100


--On 24 April 2004 21:35 -0400 "Shaun T. Erickson" <ste () smxy org> wrote:


The more I read Syngress Snort 2.0 book (I'm in chapter 5), the more I
understand that there are an endless number of attacks out there. I'm
concerned that my lack of knowledge will let an attacker at the data. I
can't let that happen.

How can I possibly learn enough, quickly enough, to write all the rules
to protect my client, when I don't even know all the attacks and exploits
that are out there?


You Can't. Don't Promise That You Can.
The client should be hiring you to /reduce/ exposure to risk, not to eliminate it. If this isn't what they /think/ they're hiring you to do, you need to reset their expectations, urgently. 


        -ste


Best Regards,
Alex.
--
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9




-------------------------------------------------------
This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
For a limited time only, get FREE Ground shipping on all orders of $35
or more. Hurry up and shop folks, this offer expires April 30th!
http://www.thinkgeek.com/freeshipping/?cpg=12297
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: