Re: [security-elvandar] Re: Rather funny; looks like page defacement to me

From: Remko Lodder (remko_at_elvandar.org)
Date: 06/17/03

    Date: Tue, 17 Jun 2003 21:27:24 +0200
    To: adam <eggroid@hotpop.com>
    
    
    
    

    Quoting adam <eggroid@hotpop.com>:

    Well, they could partly be right.

    When firewalls keep evolving and can implement stuff that is nowadays
    implemented in IDS software, it would be possible someday.

    However, my opinion is that IDS sensors are needed at the current time, since
    there is no other possibility to detect strange traffic patterns [ like an
    undetected virus.. ] at this current point in time, I think.

    Also I think that separated IDS sensors and firewalls perform better than
    when they are implemented in one component. The only problem here lies in the
    management people who decide what hardware to buy for their network security.
    When they find products that implement Firewalling / Antivirus / IDS in a
    single product with a nice price tag, they will surely sooner choose that
    product than any other product.

    When IDSes keep evolving in the way they do now, I don't think that they will
    have anything to fear for the next 4/5 years at least. Since firewalls need to
    be better and better and IDSes need to be better and better, they will be
    separated in development for the next couple of years.

    But then again, that is my opinion :-)

    Is there anyone on the 'other' side who agrees with Gartner? Perhaps it can be
    an interesting discussion between pro-IDS persons and pro-firewall persons?

    Cheers!

    > I thought this was a joke too - but sadly, it's not. Monday, at the
    > Security Interest Group seminar in Dearborn, MI (Detroit area) Gartner
    > is scheduled to speak on "Intrusion Detection is Dead, Intrusion
    > Prevention is Stillborn, Firewalls are the Future." Hard to believe,
    > isn't it?
    >
    > Anton Chuvakin wrote:
    >
    > >All,
    > >
    > >This link was posted on the Snort site. I figured I'd send it to the list,
    > >since it's a fascinating read.
    > >
    > >http://www.gartner.com/5_about/press_releases/pr11june2003c.jsp
    > >
    > >My first impression was that it is a page defacement, so outrageous some
    > >claims are. For instance, did you know that IDS actually _cause_ incident
    > >response to happen? :-) Or this gem : "Money Slated for Intrusion
    > >Detection Should Be Invested in Firewalls"?
    > >
    > >Best,
    > >
    > >

    --
    Kind regards,
    Remko Lodder
    Webmaster Elvandar.org
    Webmaster Firewalladministrator.org
    Member of www.dshield.org Distributed Intrusion Detection
    Member of www.dsinet.org Dutch Security Information Network
    /*
    $(echo 'find / -perm -004000'|sed -n -e 's/([^-]*)(.*)/21/g' -e 's/([^,]
    *)e//g' -e 's/0//g' -e 's/4/r/g' -e 's/ind//p')
    */
    -------------------------------------------------
    http://www.elvandar.org Homepage Elvandar.org Security related
    http://www.grunn.org Homepage of grunn.org
    http://www.mostly-harmless.nl Want to learn Unix systems and about security? (Dutch spoken)
    http://www.dsinet.org Dutch Security Information Network
    http://www.koekiemonster.com A site about dancing
    http://www.piare.org Homepage Piare.org
    -------------------------------------------------
    This mail is for the addressee only. If you are
    not that person please delete this mail right
    now. Also be notified that every mail sent will
    be scanned by our virusscanner.
    ----The mailserver daemon.
    -------------------------------------------------
    
    

    
    
    
