Firewall Wizards mailing list archives

Re: INtrusion Detection

From: Vern Paxson <vern () ee lbl gov>
Date: Tue, 17 Feb 1998 10:11:56 PST

I started a similar thread a few days ago on the IDS list ...


(Is that list still alive?  I never unsubscribed, but haven't seen your post.)

One thing that I have noticed, is that we tend to deal in absolutes...  A 
product has to meet x,y,z absolutely or it is considered BAD.  I totally 
disagree with that thought stream ...


To my mind, the current IDS arguments/discussions are not about absolute
security.  They're instead in particular about vulnerabilities that can
be exploited *by software alone*.  Experience has proven it's vital to
defend against these, as absolutely as possible, because of the speed
with which exploit software can spread.

                Vern

Current thread:

Practical Firewall Metrics...Was: INtrusion Detection, (continued)
- - Practical Firewall Metrics...Was: INtrusion Detection Christopher Nicholls (Feb 20)
    - Re: Practical Firewall Metrics Marcus J. Ranum (Feb 20)
    - Re: Practical Firewall Metrics Michael Brennen (Feb 20)
    - Re: Practical Firewall Metrics Marcus J. Ranum (Feb 20)
    - Re: Practical Firewall Metrics Christopher Nicholls (Feb 24)
    - Re: Practical Firewall Metrics Bennett Todd (Feb 20)
    - Re: Practical Firewall Metrics Leonard Miyata (Feb 20)
    - Re: Practical Firewall Metrics...Was: INtrusion Detection Bennett Todd (Feb 20)
- Re: INtrusion Detection tqbf (Feb 18)
  - Re: INtrusion Detection Adam Shostack (Feb 18)
- Re: INtrusion Detection Vern Paxson (Feb 18)
  - Re: INtrusion Detection Marcus J. Ranum (Feb 18)
- Re: INtrusion Detection tqbf (Feb 18)
- RE: INtrusion Detection Gary Crumrine (Feb 19)
  - RE: INtrusion Detection Alfred Huger (Feb 19)
  - Re: INtrusion Detection tqbf (Feb 19)
    - Re: INtrusion Detection George M. Jones (Feb 20)
    - Re: INtrusion Detection Alfred Huger (Feb 20)