IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Target based IDS review and discussion in Information Security

From: Richard Bejtlich <richard_bejtlich () yahoo com>
Date: Mon, 12 Jan 2004 15:32:28 -0800 (PST)
Regarding Becky Bace's use of the term "target-based
IDS":

Her "Intrusion Detection" has a 2000 copyright.  On
page 38 she says:

"Target-based monitors function a bit differently from
the other monitors...[they] use cryptographic hash
functions to detect alterations to system objects and
then compare these alterations to a policy."

She's talking about integrity verification software
like Tripwire.

This 31 Oct 00 post to focus-IDS by Gene Kim mentions
this specifically:

http://archives.neohapsis.com/archives/sf/ids/2000-q4/0071.html

Marty coined the term "target-based IDS" with respect
to non-Tripwire implementations as far as I can tell. 
:)

Sincerely,

Richard Bejtlich
http://www.taosecurity.com

__________________________________
Do you Yahoo!?
Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
http://hotjobs.sweepstakes.yahoo.com/signingbonus

---------------------------------------------------------------------------
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: