Firewall Wizards mailing list archives
Re: future of IDS
From: "Owen O'Connor" <owenc () panix com>
Date: Mon, 19 Oct 1998 12:27:29 -0400 (EDT)
On Fri, 16 Oct 1998, Martin W Freiss wrote:
... where the capture engine is in the firmware of the switch (hey, free product idea for the rest of you :-)). Tough for statistical analysis, should be doable for more signature based IDSes.
ISS for one have been talking about exactly this for quite some time. See for example http://www.iss.net/prod/tpo/rs_faq.html. ODS are jumping in bed with a number of NIDS vendors to put agents on the switch, see http://web.ods.com/ for details. I seem to recall that Cisco are talking about putting their NIDS product onto a Cisco blade for use in all your boder (and possibly interior) routers. This IMHO is where an IETF standard on data transfer would be useful. Owen O'Connor
Current thread:
- future of IDS Colin Campbell (Oct 16)
- Re: future of IDS Bennett Todd (Oct 16)
- Re: future of IDS Martin W Freiss (Oct 19)
- Re: future of IDS Owen O'Connor (Oct 23)
- Message not available
- Re: future of IDS Bennett Todd (Oct 23)
- Re: future of IDS Dominique Brezinski (Oct 27)
- Re: future of IDS Bennett Todd (Oct 28)
- Re: future of IDS David LeBlanc (Oct 28)
- Re: future of IDS Martin W Freiss (Oct 19)
- Re: future of IDS Bennett Todd (Oct 16)
- Re: future of IDS David Lang (Oct 19)
- Re: future of IDS Adam Shostack (Oct 19)
- Re: future of IDS John Ladwig (Oct 23)
- RE: future of IDS Jonathan Rozes (Oct 19)