Firewall Wizards mailing list archives

Re: future of IDS


From: Adam Shostack <adam () homeport org>
Date: Fri, 16 Oct 1998 17:02:56 -0400

On Fri, Oct 16, 1998 at 10:31:36AM -0700, Tupshin Harper wrote:
| 2) With the reality of GB LAN networking nearing the mainstream, has
| anybody (switch vendor or other) speculated on having for example a 10/100MB
| switch that has a GB port that can spit out all traffic on all ports for
| monitoring?  Would seem like an ideal solution for the security conscious.


        I don't think sniffing traffic is part of my ideal network
configuration.  A single point of failure of compartmentalization is
not something I want to install.

        Since others have mentioned hardware trends, let me throw in
another monkey wrench, which is crypto.  When I can route everything
over ssh or IPsec, your network sniffer becomes a traffic analysis
tool, and then keeping up with gigabyte streams is a lot easier.

Adam


