Re: Current IDS problems

barcajax_at_gmail.com
Date: 10/19/05

  • Next message: Doug Fox: "TippingPoint and its filters"
    Date: 19 Oct 2005 01:08:54 -0000
    To: focus-ids@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is) Personally? Deploying the IDS is the easy part, its what comes after that which causes the most pain. Fine tuning and monitoring alerts are the two things about IDS that I dread.

    ------------------------------------------------------------------------
    Test Your IDS

    Is your IDS deployed correctly?
    Find out quickly and easily by testing it
    with real-world attacks from CORE IMPACT.
    Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
    to learn more.
    ------------------------------------------------------------------------


  • Next message: Doug Fox: "TippingPoint and its filters"

    Relevant Pages

    • IDS testing...again [WAS: Re: (OpenBSD or Linux)]
      ... Subject: IDS testing...again ... Snort was using more than 33% CPU more than Prelude ... But if you are deploying multiple NIDS devices, crikey, even at ... I don't want to promote vendor ...
      (Focus-IDS)
    • RE: IDS vs. IPS deployment feedback
      ... Totally agree with you Intrusion Detection is not dead. ... IPS is a great benefit, but if you have a network that changes then it ... you still have to run it in an IDS mode to ... Much of the rhetoric and push for deploying IPS devices that are ...
      (Focus-IDS)
    • Article Announcement: Checklist for Deploying an IDS
      ... Checklist for Deploying an IDS ... The scope of this article considers the worst case scenario, ... deploying a Network IDS on a remote network. ...
      (Focus-Microsoft)
    • SecurityFocus new article announcement
      ... Checklist for Deploying an IDS ... The scope of this article considers the worst case scenario, ... deploying a Network IDS on a remote network. ...
      (Security-Basics)
    • Re: Re: Triggering IDS
      ... If it doesn't ring the alarm either it's not working or you need a different IDS. ... deploying an IDS that I expect it not to work once I have finished ... So although they have alerts, they are still missing a significant ... vulnerability management needs. ...
      (Pen-Test)