Vulnerability Development mailing list archives
Re: Thinking about Security rules...
From: "f.harster" <f.harster () evc net>
Date: Thu, 09 May 2002 08:34:00 +0000
Rhino Bond wrote:
Folks, Since many of us are intensly commited to learning, research and knowledge I felt it appropriate to post this here. At my current contract we are trying to come up with a set of rules that is "all inclusive" (as much as possible). Granted a Security Policy is part of it, so are firewall rules, so might be the rules for the IDS. When I asked for further clarification on this topic, I was told, "you know something like "fuzzy-logic" that states IF "A" then "Z" (for example a hacker is hacking away at the firewall), BUT if the hacker breaks through the firewall, then We need to jump to IDS rules, so now it's IF B then Y, and if the hacker get's into the corporate piggy bank and steals money, then it's IF C then X... Any thoughts on this? Anyone seen a white paper on such a set of rules?
David,actually this reminds me of the "Defense-in-Depth" concept applied to network/system security, but i may be wrong ;) have a look at this one in the meantime : http://rr.sans.org/start/primer.php
cheers Fred
Current thread:
- Thinking about Security rules... Rhino Bond (May 08)
- Re: Thinking about Security rules... Peter Kristolaitis (May 08)
- RE: Thinking about Security rules... Sean Convery (May 09)
- Re: Thinking about Security rules... f.harster (May 09)
- Re: Thinking about Security rules... Ray Parks (May 09)
- Re: Thinking about Security rules... f.harster (May 10)
- Re: Thinking about Security rules... Harvey Newstrom (May 10)
- Re: Thinking about Security rules... Geoff Galitz (May 13)
- Re: Thinking about Security rules... Rhino Bond (May 14)
- Re: Thinking about Security rules... Geoff Galitz (May 14)
- Re: Thinking about Security rules... Ray Parks (May 09)
- Re: Thinking about Security rules... Peter Kristolaitis (May 08)
- <Possible follow-ups>
- RE: Thinking about Security rules... Mendoza Bazan, Luis - (Per) (May 14)
- Re: Thinking about Security rules... David Hawley (May 14)