Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Britney and Kevin are Chaotic

From: Adam Shostack <adam () homeport org>
Date: Thu, 26 May 2005 19:19:39 -0400
On Fri, May 27, 2005 at 12:18:25AM +0100, Chris Anley wrote:
| byte_jump wrote:
| >This is a question for everyone that is bashing IDS: What is an 
| >alternative?
| 
| Better IDS?
| 
| Knee-jerk IDS bashing aside, I don't think there is one. It's obviously 
| more economical to detect anomalies on a network rather than a host 
| level, and you obviously want to detect anomalies.

Really?  Why not tripwire a few hosts?  Or wait for something bad to
happen?

Can you show me that spending on an IDS really leads to lower incident
handling costs?  (I suspect that it could, but have no data.)

Adam
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: