IDS mailing list archives
RE: Is IDS/IPS worthless?
From: "DeGennaro, Gregory" <Gregory_DeGennaro () csaa com>
Date: Mon, 23 Feb 2004 09:35:52 -0800
The SANS statement is very true. IDS\IPS is not a save all or Plug and Play system. This system is a tool out of many to help you mitigate malicious activity and requires continuous maintenance and monitoring like all other security systems. There is not one system in the security industry that will save you from malicious activity without proper use and monitoring. Core security originates from your trained employees or end users (customers) and how well your tools are deployed and configured throughout your network. If IDS\IPS are a waste, I guess firewalls are too since crackers can bypass them too due to misconfigurations, vulnerabilities\exploits, technology limitations, and\or genius level smarts. A true firewall = wire cutters ... ;-) Regards, Greg DeGennaro Jr., CCNP Security Analyst -----Original Message----- From: Robert Jackson [mailto:rjackson () panam edu] Sent: Monday, February 23, 2004 6:21 AM To: 'Andrew Plato'; focus-ids () securityfocus com Subject: RE: Is IDS/IPS worthless? Anyone that thinks IDS/IPS systems are a waste is a waste! If you haven't had the chance attend the SANS institute IDS tract, do so. These are the most intense (and scary) 6 days that you can imagine, and will enhance your IT skills to the max! IDS/IPS administration is an art and science, and is a life all it's own, seperate but associated with network and systems adminiistration! A dedicated IDS/IPS Analyst/Administrator can enhance the operation of your IT resources! This person can analyze anomalies, detect, eliminate, forecast based on these anomalies and adjust defenses, the key word here is dedicated! Anyway, how do you think the new exploits on the net are being discovered? ------------ --------------------------------------------------------------------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.securityfocus.com/sponsor/Astaro_focus-ids_040219 ---------------------------------------------------------------------------
Current thread:
- Re: Is IDS/IPS worthless?, (continued)
- Re: Is IDS/IPS worthless? SecurIT Informatique Inc. (Feb 23)
- RE: Is IDS/IPS worthless? Martin (Feb 23)
- RE: Is IDS/IPS worthless? Oscar Kooijman (Feb 24)
- RE: Is IDS/IPS worthless? Bob Walder (Feb 23)
- RE: Is IDS/IPS worthless? BĂ©noni MARTIN (Feb 23)
- RE: Is IDS/IPS worthless? Jeff McLaughlin (Feb 23)
- RE: Is IDS/IPS worthless? Matthew L. McGuirl (Feb 23)
- RE: Is IDS/IPS worthless? Robert Jackson (Feb 23)
- RE: Is IDS/IPS worthless? Cure, Samuel J (Feb 23)
- Re: Is IDS/IPS worthless? Webb Wang CS (Feb 23)
- RE: Is IDS/IPS worthless? DeGennaro, Gregory (Feb 23)
- RE: Is IDS/IPS worthless? Matthew L. McGuirl (Feb 23)
- RE: Is IDS/IPS worthless? Bell, Gregory (ISS Atlanta) (Feb 23)
- IDS/IPS Value Chuck Jenson (Feb 25)
- RE: Is IDS/IPS worthless? Bob Walder (Feb 24)
- RE: Is IDS/IPS worthless? Andrew Plato (Feb 25)
- RE: Is IDS/IPS worthless? Bob Walder (Feb 26)
- Re: Is IDS/IPS worthless? SecurIT Informatique Inc. (Feb 23)