Penetration Testing mailing list archives
Re: IPS arguments
From: "Adriel T. Desautels" <ad_lists () netragard com>
Date: Mon, 23 Feb 2009 09:42:44 -0500
Different businesses have different security requirements based on their business drivers, network architecture and political structure. If the customer doesn't want to install IPS then your job is to understand why and to make sure that they are educated about what IPS/ IDS is. Once they are educated, allow them to make the decision and move on. The fact is that IPS is the same as IDS with the ability to interrupt, and its prone to false positives and even more false negatives. That said, it is a very useful technology if there is someone on staff that understand how to properly manage it. If not, then its a useless piece of technology.
On Feb 14, 2009, at 9:34 AM, Hugo Vinicius Garcia Razera wrote:
Hello Gentleman's, I have finished a penetration testing to a client like a month ago. The company i worked for used some practices that i don't agree with. that's one of the reasons i resigned. any way they managed to shell the audited company a CISCO IPS using the results of the pen test. Well the thing is that the CIO of that company is refusing to install the IPS on their network even after his company has already put a buy order for the equipment and said IPS is know on their building but he refuses to install such equipment, augmenting that it is totally unnecessary because they all ready have an Microsoft ISA server Firewall in place, and symantec enpoint protection on the clients machine. Can any one point me why, they need an IPS? The old company i worked for wants me to penetrate their network, to proof them they need an IPS . this time I'm thinking on deploying an old Trojan i coded.but i would like to have more compelling arguments on why some one needs an IPSthanks for the time replying to my questions Hugo
Adriel T. Desautels ad_lists () netragard com -------------------------------------- Subscribe to our blog http://snosoft.blogspot.com
Current thread:
- RE: IPS arguments, (continued)
- RE: IPS arguments Shenk, Jerry A (Feb 20)
- Re: IPS arguments M.D.Mufambisi (Feb 20)
- Re: IPS arguments Micheal Cottingham (Feb 22)
- Re: IPS arguments Danny Fullerton (Feb 22)
- Re: IPS arguments Javier Reyna (Feb 26)
- Re: IPS arguments Trygve Aasheim (Feb 27)
- Re: IPS arguments Webmaster 003 (Feb 27)
- Re: IPS arguments Keith Pasley Com6 (Feb 22)
- Re: IPS arguments David Howe (Feb 22)
- RE: IPS arguments JoePete (Feb 22)
- Re: IPS arguments Adriel T. Desautels (Feb 26)
- Re: IPS arguments kellstr (Feb 20)