IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort with an expert system

From: Stefano Zanero <s.zanero () securenetwork it>
Date: Fri, 26 Jun 2009 22:14:07 +0200
Not for nothing but #2 is exactly what Sourcefire's been doing since
2004.  Sorry for the commercial but I think I've been pretty outspoken
on this topic since 2000 or so...



Well, I guess I have to pipe in also, then.  Cisco is doing the same.  Read
my book "Security Monitoring with CS-MARS" for more info.


Sorry Marty, sorry Gary, I love both products, but they are not even
close to realizing what Greg asked for :)

Of course, they do reduce "false positives/noncontextual
alerts/whatevers", and so they are to be commended, but knowing "if the
attack has been successful" is actually way beyond anybody's capability,
short of a crystal sphere :)

Stefano

-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate 
on your web server, you can securely collect sensitive information online, and increase business by giving your 
customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194
Previous By Date Next
Previous By Thread Next

Current thread: