Dailydave mailing list archives

Re: lots of monkeys staring at a screen....security?


From: "Halvar Flake" <halvar () gmx de>
Date: Fri, 27 Oct 2006 17:23:26 +0200

In this entire IDS debate, I would like to recommend reading an old
blog post from FX:

http://www.phenoelit.net/lablog/paradigms/weglassen.sl

Security by weglassen --> Security by omission.

I still agree with the concept of replacing an IDS with just a large
quantity of tapes on which to archive all traffic. IDSs will never alert
you to an attack-in-progress, and by just dumping everything onto a disk
somewhere you can at least do a halfway-decent forensics job thereafter.
Since everybody and his dog is doing cryptoshellcode these days you won't
be all-knowing, but at least you should be able to properly identify
which machine got owned first.

Cheers,
Halvar 

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

