IDS mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Target based IDS review and discussion in Information Security

From: "Teicher, Mark (Mark)" <teicher () avaya com>
Date: Tue, 13 Jan 2004 19:03:44 -0700
I agree, Becky Bace's term mentioned is not applicable to Intrusion
Detection as it is known today.  Her assumptions were solely based on
host-integrity

/mark 

-----Original Message-----
From: Richard Bejtlich [mailto:richard_bejtlich () yahoo com] 
Sent: Monday, January 12, 2004 4:32 PM
To: focus-ids () securityfocus com
Subject: Re: Target based IDS review and discussion in Information
Security

Regarding Becky Bace's use of the term "target-based
IDS":

Her "Intrusion Detection" has a 2000 copyright.  On page 38 she says:

"Target-based monitors function a bit differently from the other
monitors...[they] use cryptographic hash functions to detect alterations
to system objects and then compare these alterations to a policy."

She's talking about integrity verification software like Tripwire.

This 31 Oct 00 post to focus-IDS by Gene Kim mentions this specifically:

http://archives.neohapsis.com/archives/sf/ids/2000-q4/0071.html

Marty coined the term "target-based IDS" with respect to non-Tripwire
implementations as far as I can tell. 
:)

Sincerely,

Richard Bejtlich
http://www.taosecurity.com

__________________________________
Do you Yahoo!?
Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
http://hotjobs.sweepstakes.yahoo.com/signingbonus

------------------------------------------------------------------------
---
------------------------------------------------------------------------
---




---------------------------------------------------------------------------
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: