Re: Categories of IDS

From: Andy Cuff [Talisker] (lists_at_securitywizardry.com)
Date: 12/04/03

  • Next message: Michael Stone: "Re: SourceFire RNA"
    To: <focus-ids@securityfocus.com>
    Date: Thu, 4 Dec 2003 22:24:36 -0000
    
    

    Hi Jeff
    > Looks good. Hope the TAPS page has info on channel bonding

    Have you seen Intrusions taps they have a hub inbuilt so you don't
    have to mess with the half duplex outputs to make it full duplex. There is
    an
    issue with bandwidth in the 10/100 tap such that it can only handle 100Mb/s
    total output ie 60 + 40 is okay but 60 + 50 will drop 10Mb/s I believe this
    is
    overcome with their 10/100/1000 tap. I'm really impressed, they also have a
    variant that will allow crafted resets to be inserted back into the traffic.
    I feed the output into a dumb hub and then into multiple IDS.

    -andy

    Talisker Security Tools Directory
    http://www.securitywizardry.com
    ----- Original Message -----
    From: <Jeffrey.Stebelton@bisys.com>
    To: "Andy Cuff [Talisker]" <lists@securitywizardry.com>
    Cc: <focus-ids@securityfocus.com>
    Sent: Thursday, December 04, 2003 8:24 PM
    Subject: Re: Categories of IDS

    >
    > Looks good. Hope the TAPS page has info on channel bonding. Good site,
    > thanks for taking the time to put all this together.
    >
    > Jeff Stebelton
    > Manager, Network Security
    > BISYS Network Security Group
    > 614-470-8249 direct
    > 614-203-2563 cell
    >
    >
    >
    > |---------+---------------------------->
    > | | "Andy Cuff |
    > | | [Talisker]" |
    > | | <lists@securitywi|
    > | | zardry.com> |
    > | | |
    > | | 12/03/2003 03:43 |
    > | | PM |
    > | | Please respond to|
    > | | "Andy Cuff |
    > | | [Talisker]" |
    > | | |
    > |---------+---------------------------->
    >
    >---------------------------------------------------------------------------
    ------------------------------------|
    > |
    |
    > | To: <focus-ids@securityfocus.com>
    |
    > | cc:
    |
    > | Subject: Categories of IDS
    |
    >
    >---------------------------------------------------------------------------
    ------------------------------------|
    >
    >
    >
    >
    > Hi,
    > I really need to update the categories of IDS on my website. They have
    > developed substantially over the last few years and therefore I was
    looking
    > to drop the following pages:
    >
    > DROP
    > Network Node IDS - Non Promiscuous network IDS.
    > http://www.securitywizardry.com/nnids.htm
    > Hybrid IDS - Host and Network Node IDS Combined.
    > http://www.securitywizardry.com/hybrid.htm
    >
    > INTRODUCE
    > Introducing Wireless IDS
    > http://www.securitywizardry.com/Wids.htm removing them from
    > http://www.securitywizardry.com/wireless.htm
    >
    > Long overdue Host IPS - Has anyone got a list that I can use for starters
    > ??
    >
    > RESULTING IN
    > Host IPS
    > Network IPS
    > Host IDS
    > Network IDS
    > File Integrity Checkers
    > Honeypots
    > Network Taps
    > Security Consoles
    > IDS Training
    >
    > Am I missing anything ?
    > -andy
    >
    > Talisker Security Tools Directory
    > http://www.securitywizardry.com
    >
    >
    > --------------------------------------------------------------------------
    -
    > --------------------------------------------------------------------------
    -
    >
    >
    >
    >
    >
    > This email is confidential and intended solely for the use of the
    > individual or entity to whom it is addressed. If you have received this
    > email in error please notify the system manager at mailadmin@bisys.com and
    > delete the email immediately.
    >
    >

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------


  • Next message: Michael Stone: "Re: SourceFire RNA"