useful real-life example of IDS/IPS
- From: Shai Rubin <shai@xxxxxxxxxxx>
- Date: Thu, 23 Mar 2006 12:17:32 -0600
Hello all,
I'm looking for a real-life case in which an IDS/IPS, if it had been deployed, could have prevented a security breach.
In particular, I'm looking for a case in which:
1. A hacker penetrates an organization's network using a known vulnerability (e.g., MS DCOM).
2. At that time, the organization does not use an IDS/IPS.
3. However, at the same time, there are commercially available devices that could have prevented the attack. By this I mean, a device that by that time, already had a signature that could have stopped the hacker above.
Vendors are welcome to suggest such cases, but all information must be publicly available.
Thanks
Shai Rubin
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------
- References:
- Testing IDS with tcpreplay
- From: Elias-Bachrach, Ari (HQ-WRH10)
- Re: Testing IDS with tcpreplay
- From: ehanselman
- Re: Testing IDS with tcpreplay
- From: Aaron Turner
- Re: Testing IDS with tcpreplay
- From: Ivan Arce
- Re: Testing IDS with tcpreplay
- From: Aaron Turner
- Re: Testing IDS with tcpreplay
- From: Greg Shipley
- Testing IDS with tcpreplay
- Prev by Date: Re: Testing IDS with tcpreplay
- Next by Date: Re: Testing IDS with tcpreplay
- Previous by thread: Re: Testing IDS with tcpreplay
- Next by thread: Re: Testing IDS with tcpreplay
- Index(es):
