IDS mailing list archives
Re: NIPS Vendors explicit answer
From: Ron Gula <rgula () tenablesecurity com>
Date: Mon, 26 Apr 2004 16:28:47 -0400
As with firewalls, we believe IPS needs to be more black and white regarding the approach taken. While much of the work being done regarding anomalous behavior is "cool", it is not practical unless it can be used in the "real world" to prevent attacks. Believing that traffic is harmful and knowing it is harmful are two different things. Besides which, I have never personally seen a product that operates on "magic foo-foo dust" work.
Excellent summary of ipANGEL. What do you use for vulnerability detection and IDS signatures? Ron Gula, CTO Tenable Network Securityhttp://www.tenablesecurity.com
--------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- NIPS Vendors explicit answer christian graf (Apr 08)
- Re: NIPS Vendors explicit answer christian graf (Apr 19)
- <Possible follow-ups>
- RE: NIPS Vendors explicit answer Kohlenberg, Toby (Apr 12)
- Re: NIPS Vendors explicit answer Vikram Phatak (Apr 26)
- Re: NIPS Vendors explicit answer Ron Gula (Apr 26)
- Re: NIPS Vendors explicit answer Vikram Phatak (Apr 27)
- Re: NIPS Vendors explicit answer Frank Knobbe (Apr 27)
- Re: NIPS Vendors explicit answer Vikram Phatak (Apr 27)
- Message not available
- Re: NIPS Vendors explicit answer Frank Knobbe (Apr 27)
- Re: NIPS Vendors explicit answer Vikram Phatak (Apr 27)
- RE: NIPS Vendors explicit answer Rob Shein (Apr 28)
- RE: NIPS Vendors explicit answer Frank Knobbe (Apr 30)
- RE: NIPS Vendors explicit answer Rob Shein (Apr 30)
- Re: NIPS Vendors explicit answer Ron Gula (Apr 26)
- Re: IDSes and known attacks (was: NIPS Vendors explicit answer) Drexx Laggui (Apr 28)
- Re: NIPS Vendors explicit answer Ron Gula (Apr 28)