Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: IDS/IPS Management devices

from [Ofer Shezaf] Network Security [Permanent Link]
Subject: RE: IDS/IPS Management devices
Date: Mon, 28 Mar 2005 15:35:57 -0500 

My experience shows that while usually the management consoles of
perimeter firewalls and IDS/IPS sit on a dedicated segment, this is not
the case with consoles of internal security devices.

So when somebody decided to segment the HR department (or the Nuclear
reactor) with a firewall, the sys admin manages it from his desktop on
the general network (something unheard of for a gateway firewall),
making a standard, internet connected, windows desktop key so the
organization's security.

The situation is worse with routers. Routers where not usually born as
security devices, but organizations start to use them as such, utilizing
ACLs, encryption and recently 802.1x. And still many routers are managed
using unencrypted telnet with static passwords.

~ Ofer 


Ofer Shezaf
CTO, Breach Security

Tel: +972.9.956.0036 ext.212
Cell: +972.54.443.1119
ofers@breach.com
http://www.breach.com 



-----Original Message-----
From: Biswas, Proneet [mailto:pbiswas@ipolicynetworks.com]
Sent: Thursday, March 24, 2005 9:35 PM
To: focus-ids@securityfocus.com
Subject: IDS/IPS Management devices

One of the issues which we have seen with IDS/IPS vendors shipping
Management stations to manage their devices is that customers start
questioning how secure the management station is as it is mostly

windows

based platforms and there are no Anti-Virus software etc. running on
them. So is it safe to suggest that the management station  should be
sitting behind one of the security devices which is managing it.
Any thoughts ?





------------------------------------------------------------------------
--

Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to

http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708

to learn more.


------------------------------------------------------------------------
--


--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: IDS Evaluation, Maynor, David (ISS Atlanta)
Next by Date:  Re: IDS Evaluation, sam f. stover
Previous by Thread:  RE: IDS/IPS Management devices, Dante Mercurio
Next by Thread:  RE: IDS/IPS Management devices, Biswas, Proneet
Indexes:  [Date] [Thread] [Top] [All Lists]