IDS & encryption
From: Aaron Cheek (aaron_cheek_at_yahoo.com)
Date: 10/26/03
- Previous message: Michael Stone: "Re: Announcement: Alert Verification for Snort"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 26 Oct 2003 03:48:07 -0800 (PST) To: focus-ids@securityfocus.com
Hi,
I was just wondering what (if any) have been the
latest advances and general vendor approaches of IDS
in terms of analyzing encrypted traffic.
AFAIK, so far some common approaches have been:
* Using HIDS to complement NIDS in encrypted traffic
situations.
* Placing the encryption keys in the IDS (any known
products that do that??).
* Using a "clear-text DMZ" between 2 VPN firewalls for
VPN traffic.
Any other approaches that I must know of? Can any of
you point to interesting references in this direction?
Thanks!!
Aaron
__________________________________
Do you Yahoo!?
Exclusive Video Premiere - Britney Spears
http://launch.yahoo.com/promos/britneyspears/
---------------------------------------------------------------------------
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_focus-ids_031023
and use priority code SF4.
---------------------------------------------------------------------------
- Previous message: Michael Stone: "Re: Announcement: Alert Verification for Snort"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
