Focus on IDS
Rather funny; looks like page defacement to me Jun 13 2003 03:29PM
Anton Chuvakin (anton chuvakin org) (6 replies)
Gartner comments (was Re: Rather funny; looks like page defacement to me) Jun 17 2003 05:28PM
Randy Taylor (gnu charm net)
Re: Rather funny; looks like page defacement to me Jun 13 2003 10:17PM
George W. Capehart (gwc capehassoc com)
Re: Rather funny; looks like page defacement to me Jun 13 2003 09:12PM
Jerry M. Howell II (jmhowell jmhowell com)
Re: Rather funny; looks like page defacement to me Jun 13 2003 08:17PM
Paul Schmehl (pauls utdallas edu)
Re: Rather funny; looks like page defacement to me Jun 13 2003 08:06PM
adam (eggroid hotpop com) (1 replies)
Re: [security-elvandar] Re: Rather funny; looks like pagedefacement to me Jun 17 2003 07:27PM
Remko Lodder (remko elvandar org) (1 replies)
Quoting adam <eggroid (at) hotpop (dot) com [email concealed]>:

Well , they could partly be right.

When firewalls keep evolving and can implement stuff that is nowadays
implemented in IDS software it would be possible someday.

However, my opinion is that IDS sensors is needed at current time, since there
is no other possibility to detect strange traffic patterns [ like a undetected
virus.. ] at this current point in time, i think.

Also i think that seperated IDS Sensors and Firewalls are better performing than
that it's implemented into one component. The only problem here lies in the
management people who decide what hardware to buy for their network security.
When they find products that implement Firewalling / Antivirus / IDS in a
single product with a nice pricetag they will surely sooner choose that product
then any other product.

When IDS'es keep evolving in the way they do now i dont think that they will
have anything to fear for the next 4/5 years at least. Since firewalls need to
be better and better and IDS'es need to be better and better they will be
seperated in development for the next couple of years.

But then again, that is my opinion :-)

Is there anyone of the 'other' side who agrees with gartner? Perhaps it can be
an interesting discussion between pro ids' persons and pro firewall persons?

Cheers!

> I thought this was a joke too - but sadly, it's not. Monday, at the
> Security Interest Group seminar in Dearborn, MI (Detroit area) Gartner
> is scheduled to speak on "Intrusion Detection is Dead, Intrusion
> Prevention is Stillborn, Firewalls are the Future." Hard to believe,
> isn't it?
>
> Anton Chuvakin wrote:
>
> >All,
> >
> >This link posted on the snort site. I figured I'd send it to the list,
> >since its a fascinating read.
> >
> >http://www.gartner.com/5_about/press_releases/pr11june2003c.jsp
> >
> >My first impression was that it is a page defacement, so outrageous some
> >claims are. For instance, did you know that IDS actually _cause_ incident
> >response to happen? :-) Or this gem : "Money Slated for Intrusion
> >Detection Should Be Invested in Firewalls"?
> >
> >Best,
> >
> >
>
>
>
>
------------------------------------------------------------------------
-------
> INTRUSION PREVENTION: READY FOR PRIME TIME?
>
> IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities
> - including intrusion identification, relevancy, direction, impact and
> analysis
> - enabling a path to prevention.
>
> Download the latest white paper "Intrusion Prevention: Myths, Challenges, and
> Requirements" at:
> http://www.securityfocus.com/IntruVert-focus-ids2
>
------------------------------------------------------------------------
-------
>
>

--

Met vriendelijke groet,

Remko Lodder
Webmaster Elvandar.org
Webmaster Firewalladministrator.org

Member of www.dshield.org Distributed Instrusion Detection
Member of www.dsinet.org Dutch Security Information Network

/*
$(echo 'find / -perm -004000'|sed -n -e 's/([^-]*)(.*)/21/g' -e 's/([^,]
*)e//g' -e 's/0//g' -e 's/4/r/g' -e 's/ind//p')
*/

-------------------------------------------------
http://www.elvandar.org Homepage Elvandar.org Security related
http://www.grunn.org Homepage of grunn.org
http://www.mostly-harmless.nl Wanna learn unix systems and about security? (dutch spoken)
http://www.dsinet.org Dutch Security Information Network
http://www.koekiemonster.com A site about dancing
http://www.piare.org Homepage Piare.org

-------------------------------------------------
This mail is for the addressee only. If you are
not that person please delete this mail right
now. Also be notified that every mail sent will
be scanned by our virusscanner.

Deze mail is bedoeld voor de geaddresseerde.
Als u niet deze persoon bent wordt u verzocht
om het mailtje direct te verwijderen. Wees er
ook van op de hoogte dat alle mailtjes gescanned
worden door onze virusscanner

----The mailserver daemon.
-------------------------------------------------

[ reply ]
Re: [security-elvandar] Re: Rather funny; looks like pagedefacement to me Jun 18 2003 04:33PM
Paul Schmehl (pauls utdallas edu)
Re: Rather funny; looks like page defacement to me Jun 13 2003 08:03PM
Michael Sierchio (kudzu tenebras com)


 

Privacy Statement
Copyright 2010, SecurityFocus