Re: what do IDS analysts work on?

From: Rowdy (rowdy_yates_at_no-damn-spam.com)
Date: 10/27/03


Date: Mon, 27 Oct 2003 14:02:04 GMT

Thanks for your reply, David!

I am trying to figure out whether, in order to pursue a career in IDS &
firewall design/setup, I will need to take some rudimentary UNIX courses. By
the looks of it, it's probably not a bad idea.

:-)

David <davidwnh@adelphia.net> wrote in
news:Xg5nb.132539$qj6.8975935@news1.news.adelphia.net:

> Generally both. You can sniff traffic from any platform, but to get
> the best signatures, which will not only detect specific malicious
> activity but do so with fewer false positives or ambiguity, you often
> have to let an exploit run its course. So you may need a honeypot
> built upon the platform for which the exploit was designed. You can run
> virtual machines, however, where you are running one OS from within
> another. For the most part what one needs is a good understanding of
> the underlying protocols so that you know what makes certain exploits
> unique from valid traffic.
>
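The point David makes about signatures, that a rule written from an understanding of the protocol fires on fewer benign packets than a plain byte-pattern match, as an added example that is not part of the original thread: a naive "content" rule that matches a string anywhere in the payload is compared with a rule that parses the HTTP request line and alerts only when the decoded request path climbs above the web root. The sample requests, the hostname and the rule logic are all constructed for illustration; the choice to URL-decode twice is an assumption about the target server, which is exactly the platform-specific detail David says you learn from a honeypot.

```python
"""Naive content-match signature vs. a protocol-aware one (added example)."""
from urllib.parse import unquote, urlsplit

# Constructed sample HTTP payloads (made up for this example, not captured traffic).
SAMPLES = {
    # Attack-style request: once URL-decoded, the path climbs above the web root.
    "traversal": (b"GET /scripts/..%2f..%2fwinnt/system32/cmd.exe?/c+dir HTTP/1.0\r\n"
                  b"Host: www.example.com\r\n\r\n"),
    # Benign: a search for pages *about* cmd.exe; the string sits in the query.
    "benign_search": (b"GET /search?q=cmd.exe+tutorial HTTP/1.1\r\n"
                      b"Host: www.example.com\r\n\r\n"),
    # Benign: the string appears in a POST body, not in the request path.
    "benign_post": (b"POST /forum/reply HTTP/1.1\r\nHost: www.example.com\r\n"
                    b"Content-Length: 28\r\n\r\ntext=how+do+I+use+cmd.exe%3F"),
    # Benign: an ordinary page fetch.
    "benign_page": b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
}


def naive_signature(payload: bytes) -> bool:
    """Match a byte string anywhere in the payload (a one-line 'content' rule)."""
    return b"cmd.exe" in payload.lower()


def parse_request_line(payload: bytes):
    """Return (method, request-target) from the first line, or (None, None)."""
    head = payload.split(b"\r\n", 1)[0]
    parts = head.split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return None, None
    return parts[0].decode("ascii", "replace"), parts[1].decode("latin-1")


def escapes_web_root(path: str) -> bool:
    """True if a '..' segment would step above the root of the decoded path."""
    depth = 0
    for seg in path.replace("\\", "/").split("/"):
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        elif seg not in ("", "."):
            depth += 1
    return False


def protocol_aware_signature(payload: bytes) -> bool:
    """Alert only when the request *path* (query string ignored) decodes to a traversal."""
    method, target = parse_request_line(payload)
    if method is None:
        return False
    path = urlsplit(target).path
    # Decode twice to catch double-encoded '%252e'. How many decoding rounds the
    # real server applies is platform-specific and is an assumption here.
    return escapes_web_root(unquote(unquote(path)))


def false_positives(signature) -> set:
    """Names of the benign samples that the given signature alerts on."""
    return {name for name, pkt in SAMPLES.items()
            if name.startswith("benign") and signature(pkt)}


if __name__ == "__main__":
    for name, sig in (("naive", naive_signature),
                      ("protocol-aware", protocol_aware_signature)):
        print(f"{name}: alerts on traversal={sig(SAMPLES['traversal'])}, "
              f"false positives={sorted(false_positives(sig))}")
```

Both rules catch the traversal sample, but the naive one also fires on the search query and the forum post that merely mention the string, while the protocol-aware rule keys on what actually makes the request hostile (where the decoded path goes) and stays quiet on the benign traffic.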