RE: IDS and Spywares
From: vipul kumra (vikumar2_at_yahoo.com)
Date: 10/12/05
- Previous message: Jay Archibald: "Re: IDS and Spywares"
- Maybe in reply to: neelabhsharma1_at_gmail.com: "IDS and Spywares"
- Next in thread: Omar A. Herrera: "RE: IDS and Spywares"
- Reply: Omar A. Herrera: "RE: IDS and Spywares"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 12 Oct 2005 03:41:22 -0700 (PDT) To: dhruv_ymca@yahoo.com, neelabhsharma1@gmail.com, focus-ids@securityfocus.com
Hi Dhruv,
I agree with what you have said... but then there is
no 100% fool proof method for detecting anything. As
far as I've seen iPolicy Networks IDS protection is
quite strong... :)
Vipul Kumra
Sr. Security Analyst
-----Original Message-----
From: Dhruv Soi [mailto:dhruv_ymca@yahoo.com]
Sent: Saturday, October 08, 2005 11:20 AM
To: neelabhsharma1@gmail.com;
focus-ids@securityfocus.com
Subject: Re: IDS and Spywares
Yeah you are right. Spyware detection through any
anti-spyware program would be stronger mechanism than
detecting it through IDS. But installation or
information upload attempt of spyware can be blocked
by IDS. Blocking may be in terms of detecting the
vulnerability exploit attempt using which spyware
installation occurs. Like IE vulnerabilities (IE chm,
Drag Drop etc etc), or it could be detecting unique
CLSIDs of known Spyware programs. And there are many
products (Tipping Point, iPolicy etc. etc.) which
claim that they block Spyware in their IDS. But I
don't believe that Network based Spyware detection is
full proof protection for Spyware but still it helps
to certain extend.
Ciao
Dhruv
--- neelabhsharma1@gmail.com wrote:
> Could anyone in the group name a few IDS which
> detect spywares. In my view spywares are to be
> detected by an antivirus system and not by a network
> device.
>
>
------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to
>
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
>
> to learn more.
>
------------------------------------------------------------------------
>
>
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
__________________________________
Yahoo! Music Unlimited
Access over 1 million songs. Try it free.
http://music.yahoo.com/unlimited/
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
- Previous message: Jay Archibald: "Re: IDS and Spywares"
- Maybe in reply to: neelabhsharma1_at_gmail.com: "IDS and Spywares"
- Next in thread: Omar A. Herrera: "RE: IDS and Spywares"
- Reply: Omar A. Herrera: "RE: IDS and Spywares"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
