Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: IPS with no IP address?

from [nick black] Network Security [Permanent Link]
Subject: Re: IPS with no IP address?
Date: Fri, 7 Jan 2005 20:47:55 +0000 (UTC) 
On 2005-01-05, Jeff McCarthy <intel1914a@yahoo.com> wrote:

I recently sat in on an IPS vendor presentation. They
stated that their IPS has 2 Ethernet interfaces,
neither of which have IP addresses yet they can manage
and monitor the device over IP.  I thought this was
interesting and somewhat unique. 


Perhaps they meant to say "2 ethernet interfaces usable for filtering?"
Our device here at Reflex ships with a minimum of 3 interfaces. One is
configured as the "management" interface, designed to link with a
monitoring console via crossover cable in the optimal case
(authentication, privacy etc are of course ensured by more than this
expectation, but it protects against bandwidth-based DoS of the alert
channel). This interface has an IP visible to the world. Other
interfaces can be freely bound to sniffers, filtering bridges or
proxying + filtering bridges, and no IP is visible.

-- 
nick black                  "np:  the class of dashed hopes and idle dreams."


--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Intrushield vs. ISS once more..., JM
Next by Date:  RE: ForeScout ActiveScout, Carey, Steve T GARRISON
Previous by Thread:  Re: IPS with no IP address?, Dennis Cox
Next by Thread:  Re: IPS with no IP address?, Brad McGary
Indexes:  [Date] [Thread] [Top] [All Lists]