IDS mailing list archives
RE: Intrusion Prevention
From: "Ralph Los" <RLos () enteredge com>
Date: Tue, 10 Dec 2002 12:01:08 -0500
Something to think about too. The only 2 things in life that are 100% guaranteed are death, and taxes. There is NO such thing as 100%, best I'd say...in this industry, is about 66%...and that's even very good. ::: -----Original Message----- ::: From: Jill Tovey [mailto:jill.tovey () bigbluedoor com] ::: Sent: Monday, December 09, 2002 4:46 AM ::: To: focus-ids () securityfocus com ::: Subject: Re: Intrusion Prevention ::: ::: ::: In-Reply-To: ::: <20021206031213.FGIH2199.lakemtao01.cox.net () smtp east cox net> ::: ::: ActiveScout by all intents and purposes seems a unique and ::: innovative ::: approach to IDS technologies and provides a number of ::: advantages over ::: other detection systems, such as proactively detecting ::: reconnaissance ::: attacks. ::: ::: However, as far as I can see the disadvantages could be ::: that you can only ::: run the sensor on a redhat 7.2 platform, which is fairly old now. ::: ::: On testing it seems to have performed well, however, I have ::: read that ::: there have been some problems. ActiveScout is good at ::: detecting attacks ::: that are followed by reconnaissance activities, but does ::: not catch all ::: direct attacks made on a system. ::: ::: I think it would work well with an anomaly-based IDS on the ::: internal ::: network. ::: ::: Kind Regards, ::: ::: Jill Tovey ::: None ::: ::: :::
Current thread:
- Intrusion Prevention intrusi0n (Dec 08)
- Re: Intrusion Prevention Paul Wayne Brager Jr (Dec 09)
- Re: Intrusion Prevention Raistlin (Dec 09)
- Re: Intrusion Prevention roy lo (Dec 10)
- Re: Intrusion Prevention Karl Lynn (Dec 11)
- <Possible follow-ups>
- RE: Intrusion Prevention Avi Chesla (Dec 09)
- Re: Intrusion Prevention Jill Tovey (Dec 09)
- Re: Intrusion Prevention Frank Knobbe (Dec 10)
- RE: Intrusion Prevention Adam Powers (Dec 10)
- RE: Intrusion Prevention Ralph Los (Dec 10)
- Re: Intrusion Prevention Vern Paxson (Dec 10)
- RE: Intrusion Prevention Chris Petersen (Dec 11)
- Intrusion Prevention Johnny Kho (Dec 23)
- RE: Intrusion Prevention Robert_Huber (Dec 11)
- RE: Intrusion Prevention Matthew L. McGuirl (Dec 11)
- RE: Intrusion Prevention Frank Knobbe (Dec 11)
- RE: Intrusion Prevention Carey, Steve T GARRISON (Dec 23)
- Re: Intrusion Prevention Dave Mitchell (Dec 23)
- Re: Intrusion Prevention Randy Taylor (Dec 24)
- Re: Intrusion Prevention Dave Mitchell (Dec 23)
- Re: Intrusion Prevention Rick Williams (Dec 27)
(Thread continues...)