nanog mailing list archives
Re: Checkpoint IPS
From: Terry Baranski <terry.baranski.list () gmail com>
Date: Thu, 5 Feb 2015 09:31:49 -0500
On Thu, Feb 5, 2015 at 8:34 AM, Roland Dobbins <rdobbins () arbor net> wrote:
I've never heard a plausible anecdote, much less seen meaningful
statistics,
of these devices actually 'preventing' anything.
People tend to hear what they want to hear. Surely your claim can't be that an IPS has never, in the history of Earth, prevented an attack or exploit. So it's unclear to me what you're actually trying to say here.
And the fact that well-known evasion techniques still work against these devices today, coupled with the undeniable proliferation of compromised hosts residing within networks supposedly 'protected' by these devices, militates against your proposition.
Your tendency of making blanket statements is somewhat baffling given the multitude of intricacies, details, and varying circumstances involved in a complex topic like this. To me, it's indicative of an overly-simplified and/or biased way of looking at things. In any case, go ahead and stick with your router ACLs and (stateful!) proxies. Different strokes. -Terry
Current thread:
- Re: Checkpoint IPS, (continued)
- Re: Checkpoint IPS Roland Dobbins (Feb 05)
- RE: Re: Checkpoint IPS Darden, Patrick (Feb 05)
- Re: Checkpoint IPS Skeeve Stevens (Feb 05)
- RE: Checkpoint IPS Darden, Patrick (Feb 05)
- RE: Checkpoint IPS Terry Baranski (Feb 05)
- Re: Checkpoint IPS Michael Hallgren (Feb 05)
- Re: Checkpoint IPS jim deleskie (Feb 05)
- Re: Checkpoint IPS Michael Hallgren (Feb 05)
- Re: Checkpoint IPS Nick Hilliard (Feb 05)
- Re: Checkpoint IPS Roland Dobbins (Feb 05)
- Re: Checkpoint IPS Terry Baranski (Feb 05)
- Re: Checkpoint IPS Valdis . Kletnieks (Feb 05)
- Re: Checkpoint IPS Terry Baranski (Feb 05)
- Re: Checkpoint IPS Roland Dobbins (Feb 05)
- RE: Checkpoint IPS Terry Baranski (Feb 05)
- Re: Checkpoint IPS Roland Dobbins (Feb 05)
- Re: Checkpoint IPS Patrick Tracanelli (Feb 05)
- Re: Checkpoint IPS Ray Soucy (Feb 06)
- Re: Checkpoint IPS Roland Dobbins (Feb 06)
- Re: Checkpoint IPS Patrick Tracanelli (Feb 06)
- RE: Re: Checkpoint IPS Darden, Patrick (Feb 06)