Firewall Wizards mailing list archives

Re: RE: IDS (was: FW appliance comparison)


From: Cat Okita <cat () reptiles org>
Date: Tue, 24 Jan 2006 22:34:16 -0500 (EST)

On Tue, 24 Jan 2006, Marcus J. Ranum wrote:
That's the main reason why I don't like IDSs. A default deny
policy combined with "log everything" achieves just the same.

*blink* You don't bog down your firewall to the point of being
unusable doing that?!?

If your firewall bogs down because of a little bit of logging it is
a POS and should be used as a flower planter, not a security
device.

Oh - I agree completely.  If my firewall bogs down because of a little
bit of logging, it should be pushing up daisies.

... but I'm not thinking of a 'little' bit of logging.  I'm thinking of
"look at everything that could -possibly- be of interest".

cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet.  This is the defining metaphor of my life right now."
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

