Dailydave mailing list archives
Re: lots of monkeys staring at a screen....security?
From: Gadi Evron <ge () linuxbox org>
Date: Fri, 27 Oct 2006 07:24:00 -0500 (CDT)
On Fri, 27 Oct 2006, Joanna Rutkowska wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dave Korn wrote: /.../Second point is: defense in depth. It's an extra barrier. You don't /not/ run an AV just because someone can write a custom virus it won't detect. You run simple and automated systems that can deal with the 90% of threats that are easily managed in order to free up valuable /human/ resource to look into the 10% that really do need to be understood. It does /work/; it's just that, when working, it only has a limited role to fill and is not a one-stop-shop-one-size-fits-all-be-all-and-end-all-turnkey-security-solution.Nobody says it needs to be a one-size-fits-all solution - it's just that there is a difference between something which is capable of detecting/preventing only a bunch of *known* exploits vs. something which is capable of preventing a known *class* of attacks... joanna.
Enough people here know about how IDS's don't live up to nearly any expectations, or how they.. do? I personally don't believe in them in any way, I would implement them once I am done with a lot of other security measures. Now, if I am to look at what they give me vs. another box for compromising which sits in a critical location... I am not sure what choice I'd make. For some reason, people equate Intrusion Detection to IDS devices. IDS devices are signature based and try to detect bad behaviour using, erm, a sniffer or equivalent. Intrusion detection is everything which will help detect an intrusion. IDS won't unless it's too late, and keep you busy while you're at it. Gadi. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- lots of monkeys staring at a screen....security? Dave Aitel (Oct 26)
- Re: lots of monkeys staring at a screen....security? Dave Korn (Oct 26)
- Re: lots of monkeys staring at a screen....security? Joanna Rutkowska (Oct 27)
- Re: lots of monkeys staring at a screen....security? Gadi Evron (Oct 27)
- Re: lots of monkeys staring at a screen....security? Joanna Rutkowska (Oct 27)
- Re: lots of monkeys staring at a screen....security? Blue Boar (Oct 26)
- Re: lots of monkeys staring at a screen....security? Jamie Riden (Oct 26)
- Re: lots of monkeys staring at a screen....security? Kevin Johnson (Oct 27)
- Re: lots of monkeys staring at a screen....security? Dave Aitel (Oct 27)
- Re: lots of monkeys staring at a screen....security? Halvar Flake (Oct 27)
- Re: lots of monkeys staring at a screen....security? Thomas Ptacek (Oct 27)
- Re: lots of monkeys staring at a screen....security? Matt Beaumont (Oct 27)
- Re: lots of monkeys staring at a screen....security? Dave Aitel (Oct 28)
- Re: lots of monkeys staring at a screen....security? Ron Gula (Oct 28)
- Re: lots of monkeys staring at a screen....security? liquidfish (Oct 27)
- Re: lots of monkeys staring at a screen....security? Dave Aitel (Oct 27)
- Re: lots of monkeys staring at a screen....security? Dave Korn (Oct 26)