Re: IDS is dead, etc--Only if you limit your Horizons

alaric_at_alaricsecurity.com
Date: 08/08/03

  • Next message: Bennett Todd: "Re: IDS is dead, etc"
    Date: 8 Aug 2003 08:42:15 -0000
    To: focus-ids@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is) In-Reply-To: <20030806145233.3027.qmail@www.securityfocus.com>

    Hi,

    I am the colleague mentioned in MR. Munn's post. I have been coding AIRIDS
    and I just wanted to say a few more things about what we have been doing.

    AIRIDS attempts to remedy the problem of erroneous alerts through the use
    of strong network intelligence. AIRIDS has what is called "Inventory
    Modules" that use freely available security tools to map out a given
    network and use that gained knowledge to filter out any attacks that do
    not represent a threat.

    The modules consist of a regular module that actively interrogates a
    network while a passive module sits on the wire and observes traffic and
    gets it's intelligence through that act. This is useful for
    devices/servers/whatever that you have connected to your network that have
    a weak stack.

    Later,
    B. Thomason

    ---------------------------------------------------------------------------
    Captus Networks - Integrated Intrusion Prevention and Traffic Shaping
     - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
     - Automatically Control P2P, IM and Spam Traffic
     - Ensure Reliable Performance of Mission Critical Applications
    Precisely Define and Implement Network Security and Performance Policies
    **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
    Visit us at: http://www.captusnetworks.com/ads/31.htm
    ---------------------------------------------------------------------------


  • Next message: Bennett Todd: "Re: IDS is dead, etc"

    Relevant Pages

    • Re: IDS is dead, etc--Only if you limit your Horizons
      ... AIRIDS architecture which I covered in 2001 at DEFCON. ... AIRIDS aims to change that by automating much of the ... Precisely Define and Implement Network Security and Performance Policies ...
      (Focus-IDS)
    • Re: Increasing ICMP Echo Requests
      ... >>We're seeing the same ICMP pattern. ... >Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... > - Ensure Reliable Performance of Mission Critical Applications ... > - Precisely Define and Implement Network Security and Performance ...
      (Incidents)
    • RE: is this the start of something naughty?
      ... Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... - Ensure Reliable Performance of Mission Critical Applications ... - Precisely Define and Implement Network Security and Performance Policies ...
      (Incidents)
    • Re: Alert Correlation
      ... >Im doing a research on Alert correlation of IDS sensors, ... >Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... > - Ensure Reliable Performance of Mission Critical Applications ... >Precisely Define and Implement Network Security and Performance Policies ...
      (Focus-IDS)
    • Re: is this the start of something naughty?
      ... > Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... > - Ensure Reliable Performance of Mission Critical Applications ... > - Precisely Define and Implement Network Security and Performance ... electronique a ete verifie par un logiciel anti-virus ...
      (Incidents)