IDS mailing list archives
Re: How to choose an IDS/FW MSS provider
From: Peter Schawacker <peter () schawacker com>
Date: Mon, 14 Mar 2005 21:51:02 -0800 (PST)
Safe enough for some, not safe enough others. Depends on what your priorities are, what your trying to protect, etc. You seem to have generally the right idea about how we store keys. I won't rehash the gory details here, as they've already been covered on this forum within the past year. Also, there's a white paper on the McAfee web site that covers IntruShield's SSL decryption foo at a high level. Peter --- Will Metcalf <william.metcalf () gmail com> wrote:
Hmmmmm, been wanting to ask this for a while now. I understand you guy's use public key encryption to encrypt the private key of the SSL certificates so that you may inspect SSL encrypted traffic sent to web servers you are trying to defend with the IntruShield product. Are these keys decrypted and then stored in memory on your device? If so, do you think that is safe? Regards, Will On Sat, 12 Mar 2005 11:41:46 -0800 (PST), Peter Schawacker <peter () schawacker com> wrote:Hi Kevin, You make some good points, but I wanted to clarify something that you wrote. McAfee's IntruShieldNIPSappliance does not run Linux. Also, it is ASIC/FPGA-based. Each IntruShield appliance does include a celeron processor, but that Intel chipisused only for management. All of the IDS/IPS workisdone using FPGA's, ASIC's and network processors. BTW, I work for McAfee. Peter --- Kevin <kkadow () gmail com> wrote:On Thu, 10 Mar 2005 16:28:57 +0000, buineach...And there are products like Intrushield, whichareknown to use Linux/LGPL code and also boast about thehighperformance of "ASIC based appliance" IPS.I think you will admit that the technologyusedby IDS vendors isalmost the same as the appliance IPS they nowpromote....
--------------------------------------------------------------------------
Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it withreal-world attacks fromCORE IMPACT. Go to
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
-------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- RE: How to choose an IDS/FW MSS provider, (continued)
- RE: How to choose an IDS/FW MSS provider KoƧ.net (Mar 11)
- Re: How to choose an IDS/FW MSS provider Mark Teicher (Mar 11)
- RE: How to choose an IDS/FW MSS provider Andrew Plato (Mar 14)
- Re: How to choose an IDS/FW MSS provider fuijdancer (Mar 14)
- Re: How to choose an IDS/FW MSS provider Stephane (Mar 16)
- Re: How to choose an IDS/FW MSS provider Peter Schawacker (Mar 14)
- Re: How to choose an IDS/FW MSS provider Kevin (Mar 14)
- Re: How to choose an IDS/FW MSS provider Will Metcalf (Mar 16)
- RE: How to choose an IDS/FW MSS provider Dahl-Hansen, Kjetil (Mar 16)
- RE: How to choose an IDS/FW MSS provider Joshua Berry (Mar 16)
- Re: How to choose an IDS/FW MSS provider Peter Schawacker (Mar 16)
- Re: How to choose an IDS/FW MSS provider Mark Teicher (Mar 16)
- Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 19)
- RE: How to choose an IDS/FW MSS provider Palmer, Paul (ISSAtlanta) (Mar 16)
- RE: How to choose an IDS/FW MSS provider THolman (Mar 16)
- Re: How to choose an IDS/FW MSS provider Sasser (Mar 19)
- Re: How to choose an IDS/FW MSS provider Mark Teicher (Mar 16)
- RE: How to choose an IDS/FW MSS provider THolman (Mar 16)
- RE: How to choose an IDS/FW MSS provider Andrew Plato (Mar 16)
- Re: How to choose an IDS/FW MSS provider Andre Ludwig (Mar 19)
- Re: How to choose an IDS/FW MSS provider Prashant Khandelwal (Mar 24)
- Re: How to choose an IDS/FW MSS provider Andre Ludwig (Mar 19)
(Thread continues...)