Re: NIPS Vendors explicit answer
From: Ron Gula (rgula_at_tenablesecurity.com)
Date: 04/26/04
- Previous message: thevenet sebastien: "Logs correlation (again)"
- In reply to: Vikram Phatak: "Re: NIPS Vendors explicit answer"
- Next in thread: Vikram Phatak: "Re: NIPS Vendors explicit answer"
- Reply: Vikram Phatak: "Re: NIPS Vendors explicit answer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 26 Apr 2004 16:28:47 -0400 To: focus-ids@securityfocus.com
>
>As with firewalls, we believe IPS needs to be more black and white
>regarding the approach taken. While much of the work being done regarding
>anomalous behavior is "cool", it is not practical unless it can be used in
>the "real world" to prevent attacks. Believing that traffic is harmful
>and knowing it is harmful are two different things. Besides which, I have
>never personally seen a product that operates on "magic foo-foo dust" work.
Excellent summary of ipANGEL. What do you use for vulnerability
detection and IDS signatures?
Ron Gula, CTO
Tenable Network Security
http://www.tenablesecurity.com
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: thevenet sebastien: "Logs correlation (again)"
- In reply to: Vikram Phatak: "Re: NIPS Vendors explicit answer"
- Next in thread: Vikram Phatak: "Re: NIPS Vendors explicit answer"
- Reply: Vikram Phatak: "Re: NIPS Vendors explicit answer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
