Re: IDS and Spywares

barcajax_at_gmail.com
Date: 10/08/05

Next message: Eric Grejda: "Re: IDS and Spywares"

Previous message: Anatoly A. Pedemonte Ku: "SourceFire (snort) buyed by CheckPoint"
Maybe in reply to: neelabhsharma1_at_gmail.com: "IDS and Spywares"
Next in thread: Jonathan Gauntt: "Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Reply: Jonathan Gauntt: "Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 8 Oct 2005 11:01:46 -0000
To: focus-ids@securityfocus.com

('binary' encoding is not supported, stored as-is) Why detect when you can prevent? Is removal of spyware your objective? If it is, consider deploying a content filtering gateway that is able to detect and remove spyware from web traffic that is downloaded when your internal users surf the Internet.
Even if an IDS is able to detect spyware, it is likely that it does so using signatures created after a known malicious spyware is researched and added into its signature base. Certain content filtering gateways are able to remove spyware based on known spyware characteristics or their malicious/suspicious behaviour.

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------

Next message: Eric Grejda: "Re: IDS and Spywares"

Previous message: Anatoly A. Pedemonte Ku: "SourceFire (snort) buyed by CheckPoint"
Maybe in reply to: neelabhsharma1_at_gmail.com: "IDS and Spywares"
Next in thread: Jonathan Gauntt: "Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Reply: Jonathan Gauntt: "Cisco IDS 4250 vs Sourcefire IS3000 + RNA Sensor"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]