Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: How to choose an IDS/FW MSS provider

from [Kevin] Network Security [Permanent Link]
Subject: Re: How to choose an IDS/FW MSS provider
Date: Sun, 13 Mar 2005 03:23:22 -0600 
On Sat, 12 Mar 2005 11:41:46 -0800 (PST), Peter Schawacker
<peter@schawacker.com> wrote:

Hi Kevin,

You make some good points, but I wanted to clarify
something that you wrote.  McAfee's IntruShield NIPS
appliance does not run Linux.


I was basing my statements on 'nmap' results, on job postings
from Intrusec/NAI for Linux kernel/driver programmers for the
Intrushield team (Google archive of past openings), and also
the GPL/LGPL violation complaints against NAI/Intrusec
from about this time last year (kernel, grub, zebra).



Also, it is ASIC/FPGA-based.  Each IntruShield appliance does
include a celeron processor, but that Intel chip is
used only for management.


Specifically it *appears* that the management processor
runs VxWorks, which is decidely "not linux".  Can't really
confirm this guess at 3AM.



All of the IDS/IPS work is done using FPGA's, ASIC's and network processors.

BTW, I work for McAfee.

Peter


Good to see honest open responses including the
disclaimer of employment.  On that topic, I have
never worked for any vendor of security solutions,
though I have often been employed by their customers.


Kevin

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: How to choose an IDS/FW MSS provider, Peter Schawacker
Next by Date:  MSSP / IDS Selection, KJP
Previous by Thread:  Re: How to choose an IDS/FW MSS provider, Peter Schawacker
Next by Thread:  Re: How to choose an IDS/FW MSS provider, Will Metcalf
Indexes:  [Date] [Thread] [Top] [All Lists]