IDS mailing list archives
Re: Target based IDS review and discussion in Information Security
From: Richard Bejtlich <richard_bejtlich () yahoo com>
Date: Mon, 12 Jan 2004 15:32:28 -0800 (PST)
Regarding Becky Bace's use of the term "target-based IDS": Her "Intrusion Detection" has a 2000 copyright. On page 38 she says: "Target-based monitors function a bit differently from the other monitors...[they] use cryptographic hash functions to detect alterations to system objects and then compare these alterations to a policy." She's talking about integrity verification software like Tripwire. This 31 Oct 00 post to focus-IDS by Gene Kim mentions this specifically: http://archives.neohapsis.com/archives/sf/ids/2000-q4/0071.html Marty coined the term "target-based IDS" with respect to non-Tripwire implementations as far as I can tell. :) Sincerely, Richard Bejtlich http://www.taosecurity.com __________________________________ Do you Yahoo!? Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes http://hotjobs.sweepstakes.yahoo.com/signingbonus --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- Target based IDS review and discussion in Information Security Joel Snyder (Jan 08)
- Re: Target based IDS review and discussion in Information Security Martin Roesch (Jan 09)
- Re: Target based IDS review and discussion in Information Security Joel Snyder (Jan 09)
- Re: Target based IDS review and discussion in Information Security Jeff Nathan (Jan 12)
- RE: Target based IDS review and discussion in Information Security Craig H. Rowland (Jan 12)
- Re: Target based IDS review and discussion in Information Security Martin Roesch (Jan 13)
- RE: Target based IDS review and discussion in Information Security Craig H. Rowland (Jan 13)
- Re: Target based IDS review and discussion in Information Security Ron Gula (Jan 13)
- Re: Target based IDS review and discussion in Information Security Joel Snyder (Jan 09)
- Re: Target based IDS review and discussion in Information Security Andy Cuff [Talisker] (Jan 12)
- Re: Target based IDS review and discussion in Information Security Martin Roesch (Jan 12)
- Re: Target based IDS review and discussion in Information Security Martin Roesch (Jan 09)
- <Possible follow-ups>
- Re: Target based IDS review and discussion in Information Security Richard Bejtlich (Jan 13)
- RE: Target based IDS review and discussion in Information Security Teicher, Mark (Mark) (Jan 13)