Re: IDS detection approaches
- From: jean-philippe luiggi <jpl@xxxxxxxxxxxxxx>
- Date: Sat, 6 Oct 2007 09:43:19 -0400
Hello Franck,
On 5 Oct 2007 02:29:52 -0000
frankfrydrych@xxxxxxxxx wrote:
Hola,
I would completely go with a signature based IDS. Anomaly based IDS
will not give you the greatest results.
As of signature based IDS...
Let's imagine a so called "0-day", how could you get signature for
a thing that nobody saw ?
I don't say Anomaly based IDS are best, they're complementary
for precisely trying to find what the signature based do not see.
Best regards,
Jean-philippe.
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
- References:
- Re: IDS detection approaches
- From: frankfrydrych
- Re: IDS detection approaches
- Prev by Date: bittorrent file transfer - rate limit
- Next by Date: Re: IDS detection approaches
- Previous by thread: Re: IDS detection approaches
- Next by thread: Re: IDS detection approaches
- Index(es):
Relevant Pages
|
