RE: IDS and Spywares

[Dhruv Soi <dhruv_ymca () yahoo com>]

Right said Omar, thats why security companies are
investing million of $s and working on Products like
NIDS, hIDS and other secuirty products like
Vulnerability assessment/management etc.. 
Frank, don't you believe that a Techie can even harden
a MS OS to protect it from Virus/Worm attack or from
some vulnerability exploit attacks... 
But still he would like to keep his machine upto-date
with MS patches and with antivirus service always
running, may be hIDS running or probably with NIDS
installed on network..just to get on safer side and to
minimize the security risk and above all to go into
relax mode by reducing administartive tasks... 
Same way IDS, HIDS, Antivirus all are protecting the
networks,hosts at different layers...Leaving the
Network administrators with least administrative
work...
If you want to see the Administrator running in
company shouting "hey, theres spyware", "oops! I
missed to harden this machine". In this case you can
surely offer that job to Omar ;-) 

-Dhruv


--- Omar Herrera <oherrera () prodigy net mx> wrote:

> > -----Original Message-----
> > From: Frank Knobbe [mailto:frank () knobbe us]
> > Sent: Saturday, October 15, 2005 3:06 AM
> >
> > On Fri, 2005-10-14 at 10:03 +0100, Omar A. Herrera
> wrote:
> > [...]
> > > I do agree with you that layered security is
> always the best option,
> > even if
> > > there is some redundancy in some of the
> activities performed by
> > different
> > > kinds of products.
> > [...]
> >
> >
> > What I'm trying to say is:
> >
> > Stop wasting your time wrapping more band-aids
> around flaws! Start
> > attacking the real problem and solve that! Stop
> buying into the security
> > buzz spun by security vendors promising the
> all-curing pixie dust, and
> > understand and correct the core root causes of the
> problem yourself!
> > If we don't look at the real issues anymore, then
> all hope is lost.
> >
>
> Yea right... it is easy to be a purist and just
> point out at the right
> theoretical solution. You are absolutely right, but
> if making those changes
> were just as simple as saying it...
>
> I'm not talking to the technological part of the
> problem here, but to
> administrative problem. You really think it is so
> simple to just go with
> your Boss and say: "Hey Boss, we need to replace all
> those workstations with
> X because of this and this, throwing away and
> historic dependency of dozens
> of versions for thousands of applications, many of
> which don't exist for X
> for several reasons, but we can simply develop them
> ourselves"?
>
> You better offer me a job in your company (where it
> seems it is possible to
> do this), because if I do this, I'm certainly going
> to get kicked out of
> mine :-)
>
> Understanding and complying with business
> requirements and restrictions is
> also an essential part of our jobs, not just playing
> the techie, all
> powerful, know all wizard.
>
> Regards,
>
> Omar Herrera


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------