Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: CISCOs new IPS

from [Billy Dodson] Network Security [Permanent Link]
Subject: RE: CISCOs new IPS
Date: Fri, 7 Jan 2005 14:27:17 -0600 
The product I was referring to is the Cisco IOS IPS
http://www.cisco.com/warp/public/732/Tech/security/intrusion/

I was not aware of a hardware appliance...but should have known they
would have one....Cisco makes everything an appliance.

-----Original Message-----
From: Krystian Antoni [mailto:krystianantoni@gmail.com] 
Sent: Friday, January 07, 2005 1:10 AM
To: Billy Dodson
Cc: loloinfo@free.fr; focus-ids@securityfocus.com
Subject: Re: CISCOs new IPS

can u tell me OS version of the cisco IPS you talking about?

my dealer said that Cisco IPS composes of a Cisco IDS(alternatily
called an IPS) v.5 OS which is not yet available. Currently Cisco IPS
works on v.4.1.4 IDS OS which is in every Cisco IDS (ex 4235), but
when v.5 will become available it will be replaced for free on IPS
boxes. Hence true IPS function is not yet available.


On Thu, 6 Jan 2005 14:18:10 -0600, Billy Dodson <billy@pmicromart.com>
wrote:

The cisco IPS is not quite what I thought it was going to be.  The IPS
is intended for use at branch offices or remote users where you would
not normally spring for a fire-walling device.  The IPS is nothing

more

then a IOS router with IOS firewall and the IDS engine.  The IPS is

just

software that runs on a cisco router.  It can use around 740

signatures

from the cisco IDS to run its "prevention".  It basically turns your
router into a small IDS/firewall.  It will be able to create access
lists or shuns on the fly.  The same as a current cisco IDS works in
conjunction with an IOS router or PIX firewall.  This device is not
intended to be the first line of defense within the network.

The cisco IPS is not replacing the cisco IDS.  The cisco IDS is still

a

good product and can be used as a prevention device when used in
conjunction with a router or firewall.  You can configure the sensor

to

send commands to the router or firewall to Shun the connection or

create

an access list on a router.


-----Original Message-----
From: loloinfo@free.fr [mailto:loloinfo@free.fr]
Sent: Monday, January 03, 2005 5:52 AM
To: Christoph Pertl (tm011081)
Cc: focus-ids@securityfocus.com
Subject: Re: CISCOs new IPS

is it CSA ??????????????

Selon "Christoph Pertl (tm011081)" <tm011081@fh-stpoelten.ac.at>:


Hi,

I'm right now in the middle of a Project with the goal to implement

an

IPS

in an existing infrastructure. One of our possible Partners offers

us

the

new IPS Product from Cisco.

Does anyone of you now something about this machine or at least

about

the

older IDS-Box because I think the Inspection Engine will be the

same?


Any Information about how well it performs in a real environment

would

be

great

Christoph






------------------------------------------------------------------------

--

Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks

from

CORE IMPACT.
Go to

http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708

to learn more.




------------------------------------------------------------------------

--







------------------------------------------------------------------------

--
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to

http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708


to learn more.


------------------------------------------------------------------------

--




------------------------------------------------------------------------
--

Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to

http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708

to learn more.


------------------------------------------------------------------------
--







--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: snort signature analysis tools, Martin Roesch
Next by Date:  Re: Specification-based Anomaly Detection, Stefano Zanero
Previous by Thread:  RE: CISCOs new IPS, Gary Halleen (ghalleen)
Next by Thread:  RE: CISCOs new IPS, Scruggs Stephen D SSgt AFWA/SCHS
Indexes:  [Date] [Thread] [Top] [All Lists]