Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Re: lots of monkeys staring at a screen....security?

From: "Jamie Riden" <jamesr () europe com>
Date: Fri, 27 Oct 2006 15:03:13 +1300
On 27/10/06, Dave Aitel <dave.aitel () gmail com> wrote:


BT Group buys Counterpane for 20M. What were Counterpane's revanues I
wonder. You always heard about them, but I never saw them at an actual
client.

http://www.schneier.com/blog/archives/2006/10/bt_acquires_cou.html

My feeling is that IDS is 1980's technology and doesn't work anymore. This
makes Sourcefire and Counterpane valuable because they let people fill the
checkbox at the lowest possible cost, but if it's free for all IBM customers
to throw an IDS in the mix then the price of that checkbox is going to get
driven down as well.


I think you underestimate the number of stupid attackers - internal
and external. Whether it's the virus du jour which is sending SYNs
like they're going out of fashion, a bog standard IRC bot which is
phoning home in cleartext, or someone trying an on-line brute force
attack against a strong 8 character password. Then there were people
who thought that because we were a Uni, we wouldn't notice someone
scanning a class A from our network, or the machine that had been left
wide open to the Internet and then reused as someone's desktop. No,
they didn't change the firewall settings in between.

But it wouldn't hurt to slap a big sticker that says "if you're lucky,
this will catch the stupid ones" on any IDS you may come across .

cheers,
 Jamie (I nearly wrote 'misunderestimate', damnit!)
-- 
Jamie Riden / jamesr () europe com / jamie.riden () gmail com
NZ Honeynet project - http://www.nz-honeynet.org/
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: