IDS mailing list archives
RE: IDS and Spywares
From: Dhruv Soi <dhruv_ymca () yahoo com>
Date: Sat, 15 Oct 2005 01:12:32 -0700 (PDT)
Right said Omar, thats why security companies are investing million of $s and working on Products like NIDS, hIDS and other secuirty products like Vulnerability assessment/management etc.. Frank, don't you believe that a Techie can even harden a MS OS to protect it from Virus/Worm attack or from some vulnerability exploit attacks... But still he would like to keep his machine upto-date with MS patches and with antivirus service always running, may be hIDS running or probably with NIDS installed on network..just to get on safer side and to minimize the security risk and above all to go into relax mode by reducing administartive tasks... Same way IDS, HIDS, Antivirus all are protecting the networks,hosts at different layers...Leaving the Network administrators with least administrative work... If you want to see the Administrator running in company shouting "hey, theres spyware", "oops! I missed to harden this machine". In this case you can surely offer that job to Omar ;-) -Dhruv --- Omar Herrera <oherrera () prodigy net mx> wrote:
-----Original Message----- From: Frank Knobbe [mailto:frank () knobbe us] Sent: Saturday, October 15, 2005 3:06 AM On Fri, 2005-10-14 at 10:03 +0100, Omar A. Herrerawrote:[...]I do agree with you that layered security isalways the best option,even ifthere is some redundancy in some of theactivities performed bydifferentkinds of products.[...] What I'm trying to say is: Stop wasting your time wrapping more band-aidsaround flaws! Startattacking the real problem and solve that! Stopbuying into the securitybuzz spun by security vendors promising theall-curing pixie dust, andunderstand and correct the core root causes of theproblem yourself!If we don't look at the real issues anymore, thenall hope is lost.Yea right... it is easy to be a purist and just point out at the right theoretical solution. You are absolutely right, but if making those changes were just as simple as saying it... I'm not talking to the technological part of the problem here, but to administrative problem. You really think it is so simple to just go with your Boss and say: "Hey Boss, we need to replace all those workstations with X because of this and this, throwing away and historic dependency of dozens of versions for thousands of applications, many of which don't exist for X for several reasons, but we can simply develop them ourselves"? You better offer me a job in your company (where it seems it is possible to do this), because if I do this, I'm certainly going to get kicked out of mine :-) Understanding and complying with business requirements and restrictions is also an essential part of our jobs, not just playing the techie, all powerful, know all wizard. Regards, Omar Herrera
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor, (continued)
- Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor Joel Esler (Oct 19)
- Re: Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor Teemu Schaabl (Oct 18)
- RE: IDS and Spywares vipul kumra (Oct 12)
- RE: IDS and Spywares Omar A. Herrera (Oct 13)
- RE: IDS and Spywares Matt Jonkman (Oct 14)
- RE: IDS and Spywares Omar A. Herrera (Oct 14)
- RE: IDS and Spywares Matt Jonkman (Oct 14)
- RE: IDS and Spywares Omar A. Herrera (Oct 14)
- RE: IDS and Spywares Frank Knobbe (Oct 18)
- RE: IDS and Spywares Omar Herrera (Oct 18)
- RE: IDS and Spywares Dhruv Soi (Oct 18)
- RE: IDS and Spywares Frank Knobbe (Oct 18)
- RE: IDS and Spywares Omar A. Herrera (Oct 18)
- RE: IDS and Spywares Omar A. Herrera (Oct 13)
- RE: IDS and Spywares Omar Herrera (Oct 18)