RE: IPS Blocking Spyware?
From: Murtland, Jerry (MurtlandJ_at_Grangeinsurance.com)
Date: 12/03/04
- Previous message: Brad Boeckmann: "Re: IDS, IPS and encrypted traffic"
- Maybe in reply to: Ron: "IPS Blocking Spyware?"
- Next in thread: Darren Rogers Mailing Lists: "Re: IPS Blocking Spyware?"
- Reply: Darren Rogers Mailing Lists: "Re: IPS Blocking Spyware?"
- Reply: Kevin: "Re: IPS Blocking Spyware?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Maynor, David (ISS Atlanta)'" <dmaynor@iss.net>, Ron <iago@valhallalegends.com>, focus-ids@securityfocus.com Date: Fri, 3 Dec 2004 09:16:23 -0500
The better question is how/where does it stop the spyware? You can have
companies stop spyware from communicating your information to external web
servers via http all day long with a strongly maintained web filter, but if
you don't stop it from installing on your systems, your chasing your tail!
I have yet to see a product that is able to stop it from actually being
installed, and yes, I'm aware of disabling ActiveX. But if a company uses
ActiveX in some of their web apps, what can they do? I see it as more of a
file search tool, which means it's still reactive and would be as
maintenance intensive as .dat/.nav file updates. Some companies boast that
their product can stop spyware, well I can't speak for Tipping Point, but if
they don't stop it from being installed, they haven't stopped it.
Jerry
-----Original Message-----
From: Maynor, David (ISS Atlanta) [mailto:dmaynor@iss.net]
Sent: Thursday, December 02, 2004 9:56 AM
To: Ron; focus-ids@securityfocus.com
Subject: RE: IPS Blocking Spyware?
Importance: Low
I could be wrong but if memory serves me correctly TippingPoint has
rules for 28 pieces of spyware. Double check with a sales rep, but that
number is stuck in my head for some reason.
-----Original Message-----
From: Ron [mailto:iago@valhallalegends.com]
Sent: Tuesday, November 30, 2004 11:36 AM
To: focus-ids@securityfocus.com
Subject: IPS Blocking Spyware?
I've recently heard that Tipping Point's IPS appliance now blocks
spyware programs. Has anybody else heard this / experimented with this?
Thanks!
------------------------------------------------------------------------
-- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ -- -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. -------------------------------------------------------------------------- -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
- Previous message: Brad Boeckmann: "Re: IDS, IPS and encrypted traffic"
- Maybe in reply to: Ron: "IPS Blocking Spyware?"
- Next in thread: Darren Rogers Mailing Lists: "Re: IPS Blocking Spyware?"
- Reply: Darren Rogers Mailing Lists: "Re: IPS Blocking Spyware?"
- Reply: Kevin: "Re: IPS Blocking Spyware?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
