funsec mailing list archives

RE: so, is I[dp]S a STUPID technology?

From: Paul Schmehl <pauls () utdallas edu>
Date: Thu, 13 Oct 2005 15:54:57 -0500

--On Thursday, October 13, 2005 11:09:24 +0100 Barrie Dempster<barrie () reboot-robot net> wrote:


The problem being that the machines are outwith the network
administrators control, they don't even belong to him or the network
owners. It's more similar to an ISP/customer relationship than it is to
company/employee relationship. Therefore if the ISP wants to protect
their network they have to make an effort to control the traffic from
these machines. A .edu is one of the few cases I think I[P|D]S's are
worth setting up. In a more controlled environment such as one where the
network admin team has administrative control over all of the devices on
the LAN then these technologies may not have the desired benefit.

Thanks for "getting it" *and* for explaining it so well.

I don't want to leave the wrong impression. We're not having huge problemswith infections or breakins - haven't for some time now. And I'm notreally trying to bitch about our situation. It is what it is. I'm justsayin' - edu is a different beast and it takes different approaches tosolving the problems.

Also, our network group, while they work closely with us and we all getalong quite well (and have similar philosophies WRT security), hasdifferent priorities that we do in security. So, what we think might bethe right approach, they can't implement due to manpower shortage orexisting project priorities sometimes. So somethings I'd love to do Isimply can't because I don't have control of them.

I'd love to have control over every box on our network., but it ain't evergonna happen. The sooner I accept that and start looking for solutionsthat work in my environment, the better off I am and the more secure myenvironment is. TP fit the bill quite well and has served us quite well.


Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/ir/security/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Re: so, is I[dp]S a STUPID technology?, (continued)
- - - Re: so, is I[dp]S a STUPID technology? Valdis . Kletnieks (Oct 12)
    - RE: so, is I[dp]S a STUPID technology? Aditya Deshmukh (Oct 11)
    - RE: so, is I[dp]S a STUPID technology? Paul Schmehl (Oct 12)
  - Re: so, is I[dp]S a STUPID technology? Florian Weimer (Oct 12)
    - Re: so, is I[dp]S a STUPID technology? Paul Schmehl (Oct 12)
    - Re: so, is I[dp]S a STUPID technology? Valdis . Kletnieks (Oct 12)
    - Re: so, is I[dp]S a STUPID technology? Paul Schmehl (Oct 12)
    - RE: so, is I[dp]S a STUPID technology? Aditya Deshmukh (Oct 12)
    - RE: so, is I[dp]S a STUPID technology? Barrie Dempster (Oct 13)
    - Re: so, is I[dp]S a STUPID technology? Roland Dobbins (Oct 13)
    - RE: so, is I[dp]S a STUPID technology? Paul Schmehl (Oct 13)
- RE: so, is I[dp]S a STUPID technology? Kyle Quest (Oct 11)
  - lalala [was: Re: so, is I[dp]S a STUPID technology?] Gadi Evron (Oct 11)
    - Re: lalala [was: Re: so, is I[dp]S a STUPID technology?] Valdis . Kletnieks (Oct 11)
- RE: so, is I[dp]S a STUPID technology? Kyle Quest (Oct 11)
  - Re: so, is I[dp]S a STUPID technology? Roland Dobbins (Oct 11)
  - IPS as anti ddos???? [was: Re: so, is I[dp]S a STUPID technology?] Gadi Evron (Oct 11)
- RE: so, is I[dp]S a STUPID technology? Kyle Quest (Oct 11)
  - Re: so, is I[dp]S a STUPID technology? Roland Dobbins (Oct 11)
- RE: so, is I[dp]S a STUPID technology? Kyle Quest (Oct 11)
  - Re: so, is I[dp]S a STUPID technology? Roland Dobbins (Oct 11)

(Thread continues...)