Re: Categories of IDS
From: Andy Cuff [Talisker] (lists_at_securitywizardry.com)
Date: 12/04/03
- Previous message: edward gonzales: "RE: Symantec Manhunt"
- In reply to: Jeffrey.Stebelton_at_bisys.com: "Re: Categories of IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <focus-ids@securityfocus.com> Date: Thu, 4 Dec 2003 22:24:36 -0000
Hi Jeff
> Looks good. Hope the TAPS page has info on channel bonding
Have you seen Intrusions taps they have a hub inbuilt so you don't
have to mess with the half duplex outputs to make it full duplex. There is
an
issue with bandwidth in the 10/100 tap such that it can only handle 100Mb/s
total output ie 60 + 40 is okay but 60 + 50 will drop 10Mb/s I believe this
is
overcome with their 10/100/1000 tap. I'm really impressed, they also have a
variant that will allow crafted resets to be inserted back into the traffic.
I feed the output into a dumb hub and then into multiple IDS.
-andy
Talisker Security Tools Directory
http://www.securitywizardry.com
----- Original Message -----
From: <Jeffrey.Stebelton@bisys.com>
To: "Andy Cuff [Talisker]" <lists@securitywizardry.com>
Cc: <focus-ids@securityfocus.com>
Sent: Thursday, December 04, 2003 8:24 PM
Subject: Re: Categories of IDS
>
> Looks good. Hope the TAPS page has info on channel bonding. Good site,
> thanks for taking the time to put all this together.
>
> Jeff Stebelton
> Manager, Network Security
> BISYS Network Security Group
> 614-470-8249 direct
> 614-203-2563 cell
>
>
>
> |---------+---------------------------->
> | | "Andy Cuff |
> | | [Talisker]" |
> | | <lists@securitywi|
> | | zardry.com> |
> | | |
> | | 12/03/2003 03:43 |
> | | PM |
> | | Please respond to|
> | | "Andy Cuff |
> | | [Talisker]" |
> | | |
> |---------+---------------------------->
>
>---------------------------------------------------------------------------
------------------------------------|
> |
|
> | To: <focus-ids@securityfocus.com>
|
> | cc:
|
> | Subject: Categories of IDS
|
>
>---------------------------------------------------------------------------
------------------------------------|
>
>
>
>
> Hi,
> I really need to update the categories of IDS on my website. They have
> developed substantially over the last few years and therefore I was
looking
> to drop the following pages:
>
> DROP
> Network Node IDS - Non Promiscuous network IDS.
> http://www.securitywizardry.com/nnids.htm
> Hybrid IDS - Host and Network Node IDS Combined.
> http://www.securitywizardry.com/hybrid.htm
>
> INTRODUCE
> Introducing Wireless IDS
> http://www.securitywizardry.com/Wids.htm removing them from
> http://www.securitywizardry.com/wireless.htm
>
> Long overdue Host IPS - Has anyone got a list that I can use for starters
> ??
>
> RESULTING IN
> Host IPS
> Network IPS
> Host IDS
> Network IDS
> File Integrity Checkers
> Honeypots
> Network Taps
> Security Consoles
> IDS Training
>
> Am I missing anything ?
> -andy
>
> Talisker Security Tools Directory
> http://www.securitywizardry.com
>
>
> --------------------------------------------------------------------------
-
> --------------------------------------------------------------------------
-
>
>
>
>
>
> This email is confidential and intended solely for the use of the
> individual or entity to whom it is addressed. If you have received this
> email in error please notify the system manager at mailadmin@bisys.com and
> delete the email immediately.
>
>
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: edward gonzales: "RE: Symantec Manhunt"
- In reply to: Jeffrey.Stebelton_at_bisys.com: "Re: Categories of IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
