Firewall Wizards mailing list archives
Re: Intrusion Prevention Firewall
From: dont <dont () csds uidaho edu>
Date: Fri, 5 Apr 2002 11:51:58 -0800 (PST)
On Fri, 5 Apr 2002, Gary Flynn wrote:
I want the IDP to simply drop the offending packet(s). :)
again, we seem to be putting the cart before the horse. let's figure out how to detect first, then we (i.e., someone else's PhD) can decide how to respond.
but is the goal to reduce the manpower requirement for an Intelligent Human analyst?No. Its to create an effective intrusion prevention system instead of an alarm system that does nothing to stop attacks.
My thought and work is to try and create a symbiosis between man and machine, in such a way that the machine becomes a problem-solving partner with the operator and guides in the decision-making. Yes, I know it is a fantasy, but, darnit, it's MY fantasy! :-)
network. But I would think it would be possible to identify a fair number of them. Am I wrong? Naive?
Well, we are not there yet. About all we can detect are the trucks driving through honking there horns saying "Hey, look at me", regardless of what vendors tell you. Again, though, reliable detection is my fantasy. Unfortunately, because it is not a short-term research thing with ROI results, no one really wants to fund anything that is not "almost done." don tobin struggling student at univ of idaho ========================================================================== Men are from Earth. Women are from Earth. Deal with it! ========================================================================== dont () csds uidaho edu WebSpace - http://www.csds.uidaho.edu/~dont _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Intrusion Prevention Firewall, (continued)
- RE: Intrusion Prevention Firewall Dave Piscitello (Apr 16)
- RE: Intrusion Prevention Firewall R. DuFresne (Apr 17)
- RE: Intrusion Prevention Firewall Dave Piscitello (Apr 17)
- RE: Intrusion Prevention Firewall R. DuFresne (Apr 18)
- RE: Intrusion Prevention Firewall Mike Shaw (Apr 17)
- Re: Intrusion Prevention Firewall Crispin Cowan (Apr 05)
- Re: Intrusion Prevention Firewall Gary Flynn (Apr 06)
- Re: Intrusion Prevention Firewall dont (Apr 06)
- Re: Intrusion Prevention Firewall Crispin Cowan (Apr 05)
- RE: Intrusion Prevention Firewall Dave Piscitello (Apr 08)
- Re: Intrusion Prevention Firewall Gary Flynn (Apr 17)
- Re: Intrusion Prevention Firewall Patrick M. Hausen (Apr 18)