IDS mailing list archives
Re: Intrusion Prevention
From: Jill Tovey <jill.tovey () bigbluedoor com>
Date: 9 Dec 2002 09:46:10 -0000
In-Reply-To: <20021206031213.FGIH2199.lakemtao01.cox.net () smtp east cox net> ActiveScout by all intents and purposes seems a unique and innovative approach to IDS technologies and provides a number of advantages over other detection systems, such as proactively detecting reconnaissance attacks. However, as far as I can see the disadvantages could be that you can only run the sensor on a redhat 7.2 platform, which is fairly old now. On testing it seems to have performed well, however, I have read that there have been some problems. ActiveScout is good at detecting attacks that are followed by reconnaissance activities, but does not catch all direct attacks made on a system. I think it would work well with an anomaly-based IDS on the internal network. Kind Regards, Jill Tovey
Current thread:
- Intrusion Prevention intrusi0n (Dec 08)
- Re: Intrusion Prevention Paul Wayne Brager Jr (Dec 09)
- Re: Intrusion Prevention Raistlin (Dec 09)
- Re: Intrusion Prevention roy lo (Dec 10)
- Re: Intrusion Prevention Karl Lynn (Dec 11)
- <Possible follow-ups>
- RE: Intrusion Prevention Avi Chesla (Dec 09)
- Re: Intrusion Prevention Jill Tovey (Dec 09)
- Re: Intrusion Prevention Frank Knobbe (Dec 10)
- RE: Intrusion Prevention Adam Powers (Dec 10)
- RE: Intrusion Prevention Ralph Los (Dec 10)
- Re: Intrusion Prevention Vern Paxson (Dec 10)
- RE: Intrusion Prevention Chris Petersen (Dec 11)
- Intrusion Prevention Johnny Kho (Dec 23)
- RE: Intrusion Prevention Robert_Huber (Dec 11)
- RE: Intrusion Prevention Matthew L. McGuirl (Dec 11)
- RE: Intrusion Prevention Frank Knobbe (Dec 11)
- RE: Intrusion Prevention Carey, Steve T GARRISON (Dec 23)
(Thread continues...)