RE: IDS and Spywares

From: Frank Knobbe (frank_at_knobbe.us)
Date: 10/15/05

  • Next message: Omar Herrera: "RE: IDS and Spywares" 
    To: dhruv_ymca@yahoo.com
Date: Sat, 15 Oct 2005 03:26:13 -0500

    On Sat, 2005-10-15 at 01:12 -0700, Dhruv Soi wrote:
    > Frank, don't you believe that a Techie can even harden
    > a MS OS to protect it from Virus/Worm attack or from
    > some vulnerability exploit attacks...

    No, I do, that was my point.

    > Same way IDS, HIDS, Antivirus all are protecting the
    > networks,hosts at different layers...Leaving the
    > Network administrators with least administrative
    > work...

    Well, it seems that they are all failing then, since spyware, worm, and
    viruses are still making their rounds! Airlines still suffer outages
    from Internet worms, as do car manufacturers (to name just a few recent
    high profile cases).

    And it seem we don't trust those added layers either since we're still
    nervous on every patch Tuesday with fears of worms to the announced
    vulnerabilities.

    As for leaving admins with admin work, that doesn't seem to be justified
    if they are spending more and more time administrating all those gadgets
    that are getting bolted on to protect the rotten cores, including
    applying patches to the security products which themselves are
    vulnerable to the same issues they are tying to prevent in the first
    place.

    Yeah, call me a purist and laugh at me for throwing up the caution flag
    every chance I get, but someone has to :) If no one raises concerns
    about the industry getting out of control, then we might just believe
    that all is well and continue blissfully towards our doom.

    -Frank

  • Next message: Omar Herrera: "RE: IDS and Spywares"

    Relevant Pages

    • Re: Knife Crime
      ... travelling around the bleak fens to visit patients at the time and i ... burglaries by this groups of kids/delinquents/ whatever before and ... time to protect him or do much to save his property. ... vulnerability, a feeling that he was alone and not being adequately ...
      (rec.sport.rowing)
    • Re: Using 0days as part of pen-test?
      ... I'm rather new to responsible disclosure, so experts may found silly my ... I've identified a vulnerability in some closed-source ... Just imagine that you are a auditor and you dont know this vuln (and many ... Your objetive is to protect the system against known and unknown ...
      (Pen-Test)
    • Re: Using 0days as part of pen-test?
      ... I'm rather new to responsible disclosure, so experts may found silly my ... I've identified a vulnerability in some closed-source ... Just imagine that you are a auditor and you dont know this vuln (and many ... Your objetive is to protect the system against known and unknown ...
      (Pen-Test)
    • RE: nessus which plugin reports which vulnerability?
      ... nessus which plug'in reports which vulnerability? ... I use the report function to generate a HTML type ... >Protect your network with the comprehensive security solution that ... Protect your network with the comprehensive security solution that ...
      (Pen-Test)
    • Re: Disable File Deletion/Hiding Folders
      ... your task is just infeasible -it is impossible to protect ... > way that Admin cannot find this or that workaround...... ... Anton Bassov has already said: ... There's a fundamental problem with trying to prevent Administrators ...
      (microsoft.public.win32.programmer.kernel)