IDS mailing list archives
Re: IPS Vendor Evasion
From: Stefano Zanero <s.zanero () securenetwork it>
Date: Thu, 04 Jan 2007 20:25:29 +0100
Tim Holman wrote:
Probably, but then no IDS/IPS is ever going to offer you 100% protection (ie you need defense in depth), so should such a list _really_ matter?
Totally correct. If you add that IPS products (as well as most IDS products) are fundamentally misuse-based, they will likely miss any new attack, or specific attack against your own applications, this becomes even more academic. This is not an excuse for lame products, and HD and co. made a very very good presentation and nice work ;) Stefano ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- IPS Vendor Evasion trav_2 (Jan 03)
- RE: IPS Vendor Evasion Kohlenberg, Toby (Jan 03)
- Re: IPS Vendor Evasion H D Moore (Jan 03)
- Re: IPS Vendor Evasion Tim Holman (Jan 03)
- Re: IPS Vendor Evasion Stefano Zanero (Jan 04)
- Re: IPS Vendor Evasion Stefano Zanero (Jan 03)
- Re: IPS Vendor Evasion jeff . stebelton (Jan 03)
- <Possible follow-ups>
- Re: IPS Vendor Evasion levinson_k (Jan 03)