Re: [fw-wiz] RE: IDS (was: FW appliance comparison)

---

• From: Cat Okita <cat@xxxxxxxxxxxx>
• Date: Tue, 24 Jan 2006 19:49:21 -0500 (EST)

---

On Tue, 24 Jan 2006, Patrick M. Hausen wrote:

On Tue, Jan 24, 2006 at 11:38:52AM +0700, Ben Nagy wrote:

What's your preferred method for noticing this stuff? (I'm certainly not
being sarcastic here)

Your firewall doesn't trigger an alarm for every event that's
denied by policy?

That's the main reason why I don't like IDSs. A default deny
policy combined with "log everything" achieves just the same.

*blink* You don't bog down your firewall to the point of being
unuseable doing that?!?

I think that there's a place and a use for IDS - but if your network
is small enough that running log everything won't bog down your
firewall(s), then - well - maybe they're not for you.

cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet.  This is the defining metaphor of my life right now."
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

---

• Follow-Ups:
  • Re: [fw-wiz] RE: IDS (was: FW appliance comparison)
    • From: Marcus J. Ranum
  • Re: [fw-wiz] RE: IDS (was: FW appliance comparison)
    • From: Paul D. Robertson

• References:
  • Re: [fw-wiz] FW appliance comparison - Seeking input for the forum
    • From: Paul D. Robertson
  • [fw-wiz] RE: IDS (was: FW appliance comparison)
    • From: Ben Nagy
  • Re: [fw-wiz] RE: IDS (was: FW appliance comparison)
    • From: Patrick M. Hausen

• Prev by Date: Re: [fw-wiz] RE: In defense of non standard ports
• Next by Date: Re: [fw-wiz] X server in a Firewall
• Previous by thread: Re: [fw-wiz] RE: IDS (was: FW appliance comparison)
• Next by thread: Re: [fw-wiz] RE: IDS (was: FW appliance comparison)
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: [fw-wiz] Worms, Air Gaps and Responsibility ... > are involved in Kerberos communications? ... "A cat spends her life conflicted between a deep, passionate and profound ... desire for fish and an equally deep, passionate and profound desire to ... (Firewall-Wizards) Re: [fw-wiz] suggestions for anitvirus in gateway ... AV vendor should be active. ... >"A cat spends her life conflicted between a deep, passionate and profound ... >desire for fish and an equally deep, passionate and profound desire to ... (Firewall-Wizards) Re: Product review postings - Suggested Solution ... > When product reviews are sent to the list regardless of the source I can ... "A cat spends her life conflicted between a deep, passionate and profound ... desire for fish and an equally deep, passionate and profound desire to ... (Pen-Test) RE: [fw-wiz] FW appliance comparison - Seeking input for the forum ... single solution. ... "A cat spends her life conflicted between a deep, passionate and profound ... desire for fish and an equally deep, passionate and profound desire to ... (Firewall-Wizards) Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name ... is different from another organization paid to provide trust. ... "A cat spends her life conflicted between a deep, passionate and profound ... desire for fish and an equally deep, passionate and profound desire to ... (Bugtraq)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > Firewall-Wizards  > 2006-01