Re: Top IPS vendors - please read for invitation to Network World review

From: Daniel Cid (danielcid_at_yahoo.com.br)
Date: 09/03/03

  • Next message: Thomas Biege: "CfP DIMVA 2004"
    Date: Wed, 3 Sep 2003 10:23:19 -0300 (ART)
    To: focus-ids@securityfocus.com
    
    

    I agree with you. This kind of "IPS" is very dangerous
    to use. I only make a comment that portsentry can
    block using the route command. I never said that this
    is a good solution :)

    Daniel B. Cid

    > --- Scott Wimer <scottw@cylant.com> escreveu: >
    >Forgive me for being callous, but this methodology
    > is just asking for
    > problems. If somebody portscans you from a spoofed
    > address: say your
    > DNS server's IP maybe, then you now have some
    > interesting problems.
    >
    > This is using a broadsword where a scalpel is called
    > for.
    > scottwimer
    >
    > Daniel Cid wrote:
    > > Portsentry can block an ip address using the route
    > > command (route reject) in machines that doesnt
    > have a
    > > firewall.
    > >
    > > Thanks
    > >
    > > Daniel B. Cid
    > >
    > >

    _______________________________________________________________________
    Desafio AntiZona: participe do jogo de perguntas e respostas que vai
    dar um Renault Clio, computadores, câmeras digitais, videogames e muito
    mais! www.cade.com.br/antizona

    ---------------------------------------------------------------------------
    Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the worldÂ’s premier
    technical IT security event. Modeled after the famous Black Hat event in
    Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
    Symanetc is the Diamond sponsor. Early-bird registration ends September 6 Visit: www.blackhat.com
    ---------------------------------------------------------------------------


  • Next message: Thomas Biege: "CfP DIMVA 2004"