IDS mailing list archives
Re: True definition of Intrusion Prevention
From: Gary Flynn <flynngn () jmu edu>
Date: Tue, 30 Dec 2003 08:08:05 -0500
Ron Gula wrote:
Yep ... "intrusion prevention" is the latest bandwagon marketing folks are getting into. What makes matters worse is I think that "intrusion detection" was also mis-labeled from the start. IDS was really "attackand probe detection" but rarely did they actually detect real compromises.Everything from better passwords to extra firewalls can be considered intrusion prevention.
Amen.
I see a lot of folks halting NIDS/HIDS deployments in favor of enhanced configuration/vulnerability management or even outsourceingIT altogether.
While I agree that attacking the problem at its source (system insecurity) is
the better solution, if that were effective, we wouldn't need firewalls. :) --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- True definition of Intrusion Prevention Teicher, Mark (Mark) (Dec 29)
- Re: True definition of Intrusion Prevention Gary Flynn (Dec 30)
- <Possible follow-ups>
- Re: True definition of Intrusion Prevention Ron Gula (Dec 29)
- Re: True definition of Intrusion Prevention Gary Flynn (Dec 30)
- RE: True definition of Intrusion Prevention Teicher, Mark (Mark) (Dec 29)
- Re: True definition of Intrusion Prevention Gary Flynn (Dec 30)
- RE: True definition of Intrusion Prevention Craig H. Rowland (Dec 30)
- RE: True definition of Intrusion Prevention Richard Bejtlich (Dec 30)
- Re: True definition of Intrusion Prevention Bamm Visscher (Dec 30)
- RE: True definition of Intrusion Prevention Teicher, Mark (Mark) (Dec 30)
- RE: True definition of Intrusion Prevention Frank Knobbe (Dec 30)
- RE: True definition of Intrusion Prevention Raj_Dhingra (Dec 30)
- RE: True definition of Intrusion Prevention Teicher, Mark (Mark) (Dec 30)
- RE: True definition of Intrusion Prevention Teicher, Mark (Mark) (Dec 30)
(Thread continues...)