Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: CISCOs new IPS

from [Scruggs Stephen D SSgt AFWA/SCHS] Network Security [Permanent Link]
Subject: RE: CISCOs new IPS
Date: Mon, 10 Jan 2005 07:29:30 -0600 
 The Cisco IDS runs on Red Hat Linux 7.3 as the underlying OS (we have the
Cisco 4250 sensors).  I have not heard much about the IPS other than it is a
Cisco router with an IPS and firewall card.


//SIGNED//
Stephen D. Scruggs, SSgt, USAF
Senior Intrusion Detection Specialist
HQ AFWA NOSC
294-2463(Comm)/271-2463(DSN)

-----Original Message-----
From: Krystian Antoni [mailto:krystianantoni@gmail.com] 
Sent: Friday, January 07, 2005 1:10 AM
To: Billy Dodson
Cc: loloinfo@free.fr; focus-ids@securityfocus.com
Subject: Re: CISCOs new IPS

can u tell me OS version of the cisco IPS you talking about?

my dealer said that Cisco IPS composes of a Cisco IDS(alternatily called an
IPS) v.5 OS which is not yet available. Currently Cisco IPS works on v.4.1.4
IDS OS which is in every Cisco IDS (ex 4235), but when v.5 will become
available it will be replaced for free on IPS boxes. Hence true IPS function
is not yet available.


On Thu, 6 Jan 2005 14:18:10 -0600, Billy Dodson <billy@pmicromart.com>
wrote:

The cisco IPS is not quite what I thought it was going to be.  The IPS 
is intended for use at branch offices or remote users where you would 
not normally spring for a fire-walling device.  The IPS is nothing 
more then a IOS router with IOS firewall and the IDS engine.  The IPS 
is just software that runs on a cisco router.  It can use around 740 
signatures from the cisco IDS to run its "prevention".  It basically 
turns your router into a small IDS/firewall.  It will be able to 
create access lists or shuns on the fly.  The same as a current cisco 
IDS works in conjunction with an IOS router or PIX firewall.  This 
device is not intended to be the first line of defense within the network.

The cisco IPS is not replacing the cisco IDS.  The cisco IDS is still 
a good product and can be used as a prevention device when used in 
conjunction with a router or firewall.  You can configure the sensor 
to send commands to the router or firewall to Shun the connection or 
create an access list on a router.


-----Original Message-----
From: loloinfo@free.fr [mailto:loloinfo@free.fr]
Sent: Monday, January 03, 2005 5:52 AM
To: Christoph Pertl (tm011081)
Cc: focus-ids@securityfocus.com
Subject: Re: CISCOs new IPS

is it CSA ??????????????

Selon "Christoph Pertl (tm011081)" <tm011081@fh-stpoelten.ac.at>:


Hi,

I'm right now in the middle of a Project with the goal to implement 
an

IPS

in an existing infrastructure. One of our possible Partners offers 
us

the

new IPS Product from Cisco.

Does anyone of you now something about this machine or at least 
about

the

older IDS-Box because I think the Inspection Engine will be the same?

Any Information about how well it performs in a real environment 
would

be

great

Christoph




----------------------------------------------------------------------
--
--

Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks 
from CORE IMPACT.
Go to

http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708

to learn more.


----------------------------------------------------------------------
--
--





----------------------------------------------------------------------
--
--
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to 
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708

to learn more.
----------------------------------------------------------------------
--
--


----------------------------------------------------------------------
----
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to 
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
----------------------------------------------------------------------
----




--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: ForeScout ActiveScout, Erik F
Next by Date:  Snort detecting distributed syn floods, Brian T
Previous by Thread:  RE: CISCOs new IPS, Billy Dodson
Next by Thread:  Re: what is required for an engineer to become an SECURITY engineer, Jason Baeder
Indexes:  [Date] [Thread] [Top] [All Lists]