Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: IDS and Spywares

from [Omar Herrera] Network Security [Permanent Link]
Subject: RE: IDS and Spywares
Date: Sat, 15 Oct 2005 08:45:51 +0100 



-----Original Message-----
From: Frank Knobbe [mailto:frank@knobbe.us]
Sent: Saturday, October 15, 2005 3:06 AM

On Fri, 2005-10-14 at 10:03 +0100, Omar A. Herrera wrote:
[...]

I do agree with you that layered security is always the best option,

even if

there is some redundancy in some of the activities performed by

different

kinds of products.

[...]


What I'm trying to say is:

Stop wasting your time wrapping more band-aids around flaws! Start
attacking the real problem and solve that! Stop buying into the security
buzz spun by security vendors promising the all-curing pixie dust, and
understand and correct the core root causes of the problem yourself!

If we don't look at the real issues anymore, then all hope is lost.



Yea right... it is easy to be a purist and just point out at the right
theoretical solution. You are absolutely right, but if making those changes
were just as simple as saying it...

I'm not talking to the technological part of the problem here, but to
administrative problem. You really think it is so simple to just go with
your Boss and say: "Hey Boss, we need to replace all those workstations with
X because of this and this, throwing away and historic dependency of dozens
of versions for thousands of applications, many of which don't exist for X
for several reasons, but we can simply develop them ourselves"?

You better offer me a job in your company (where it seems it is possible to
do this), because if I do this, I'm certainly going to get kicked out of
mine :-)

Understanding and complying with business requirements and restrictions is
also an essential part of our jobs, not just playing the techie, all
powerful, know all wizard.

Regards,

Omar Herrera


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: IDS and Spywares, Dhruv Soi
Next by Date:  RE: IDS and Spywares, Justin Shore
Previous by Thread:  RE: IDS and Spywares, Frank Knobbe
Next by Thread:  RE: IDS and Spywares, Dhruv Soi
Indexes:  [Date] [Thread] [Top] [All Lists]