IDS mailing list archives
Re: How to monitor encrypted connections...
From: Stefano Zanero <s.zanero () securenetwork it>
Date: Wed, 03 Oct 2007 11:07:39 +0200
abhicc285 () gmail com wrote:
Abhi: --- Please correct me, as per my understanding the HIPS will be executing rules at IP layer
An HOST intrusion prevention system is, by definition, something which works on the host, looking at the operating system, applications, and their interactions. An IPS which works on IP packets on a single host is at most a personal firewall.
Abhi: HIPS will be executing on the same host as the application. So i think for HIPS there is no concept of storing keys in other device.
Nor it will have any problem of decryption. Stefano ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- Re: Re: How to monitor encrypted connections... abhicc285 (Oct 01)
- Re: How to monitor encrypted connections... Stefano Zanero (Oct 03)
- <Possible follow-ups>
- Re: How to monitor encrypted connections... crazy frog crazy frog (Oct 01)