Snort mailing list archives
Re: Snort with IPSec
From: Jason Haar <Jason.Haar () trimble co nz>
Date: Wed, 5 Nov 2003 13:38:32 +1300
On Tue, Nov 04, 2003 at 02:27:02PM -0600, Josh Berry wrote:
Yes, we would be implementing IPSec all the way down to ALL desktops and servers. All network communication would be through IPSec.
...then it's goodbye NIDS - hello HIDS! Seriously, if you are going to do this, then network monitoring will be almost impossible - you will have to focus on the host security itself. BTW: this is affecting all of us even today. Who's running Active Directory? Who's seen all that host-to-domain-controller traffic suddenly flick over to IPSec? Who's be hit (like me) with trying to diagnose Active Directory problems, only to find that the LDAP call is over TLS? Microsoft has made everyone's lives harder - without making it less buggy/more secure. Throwing encryption at problems doesn't make the inherent problem go way... [mutter, mutter] BTW: I'm surprised they're allowed to ship such product - are countries such as North Korea not allowed to run Win2K+ I suppose??? -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort with IPSec Josh Berry (Nov 04)
- Re: Snort with IPSec Chris Green (Nov 04)
- Re: Snort with IPSec Josh Berry (Nov 04)
- Re: Snort with IPSec Frank Knobbe (Nov 04)
- Re: Snort with IPSec Josh Berry (Nov 05)
- Re: Snort with IPSec Ravi Kumar (Nov 05)
- Re: Snort with IPSec Josh Berry (Nov 04)
- Re: Snort with IPSec Chris Green (Nov 04)
- Message not available
- Re: Snort with IPSec Matt Kettler (Nov 04)
- <Possible follow-ups>
- RE: Snort with IPSec O'Flynn, Derek (Nov 04)
- Re: Snort with IPSec Mark . Schutzmann (Nov 04)
- Re: Snort with IPSec Josh Berry (Nov 04)
- Re: Snort with IPSec Jason Haar (Nov 04)
- Re: Snort with IPSec Josh Berry (Nov 04)