Network Security: Detailed info on Re: IDS vs. IPS deployment feedback

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Focus-IDS

[Top] [All Lists]

Re: IDS vs. IPS deployment feedback

from [Stefano Zanero] Network Security

[Permanent Link]

Subject:	Re: IDS vs. IPS deployment feedback
Date:	Sun, 16 Apr 2006 17:31:37 +0200

Aaron wrote:

To add to (or take away) from this thread, I would further mention that
IDS/IPS regardless of make or implimentation, will only see the past,
not the future.


You may wish to notice that this is true, but a problem only for misuse
based devices. Anomaly based devices, on the contrary, use the past as a
way to detect anomalies into the future, and therefore are less
sensitive to the zero-day/unforeseen attack problem.

Stefano

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: IDS vs. IPS deployment feedback, (continued) Re: IDS vs. IPS deployment feedback, Will Metcalf Re: IDS vs. IPS deployment feedback, Stefano Zanero RE: IDS vs. IPS deployment feedback, Basgen, Brian RE: IDS vs. IPS deployment feedback, Andrew Plato RE: IDS vs. IPS deployment feedback, Alan Shimel Re: IDS vs. IPS deployment feedback, Eric Hines RE: IDS vs. IPS deployment feedback, Andrew Plato Re: IDS vs. IPS deployment feedback, Richard Bejtlich Re: IDS vs. IPS deployment feedback, Paul Schmehl Re: IDS vs. IPS deployment feedback, Aaron Re: IDS vs. IPS deployment feedback, Stefano Zanero <= Re: IDS vs. IPS deployment feedback, Thomas Choi Re: IDS vs. IPS deployment feedback, Aaron Re: IDS vs. IPS deployment feedback, Stefano Zanero RE: IDS vs. IPS deployment feedback, Basgen, Brian RE: IDS vs. IPS deployment feedback, Andrew Plato Re: IDS vs. IPS deployment feedback, Richard Bejtlich RE: IDS vs. IPS deployment feedback, Mike Barkett Re: IDS vs. IPS deployment feedback, Jason RE: IDS vs. IPS deployment feedback, Palmer, Paul (ISSAtlanta) RE: IDS vs. IPS deployment feedback, Andrew Plato

Previous by Date:	Re: Simulating Retransmissions, Mike Gibson
Next by Date:	RE: IPS false positives, Basgen, Brian
Previous by Thread:	Re: IDS vs. IPS deployment feedback, Aaron
Next by Thread:	Re: IDS vs. IPS deployment feedback, Thomas Choi
Indexes:	[Date] [Thread] [Top] [All Lists]