funsec mailing list archives
Re: so, is I[dp]S a STUPID technology?
From: Roland Dobbins <rdobbins () cisco com>
Date: Tue, 11 Oct 2005 14:16:28 -0700
Yes, I've found microanalytical technologies such as IDS to be very useful on large networks when a) alerted to an issue by a macroanalytical technology such as flow-based anomaly-detection and then drilling down and b) used for forensics and analysis after-the- fact.
On Oct 11, 2005, at 1:57 PM, Blue Boar wrote:
Aviram Jenik wrote:See, this is what I don't get. I can understand the bored people (sorry Gadi) who want to log and monitor who attacks them and why. I _can't_ understand the busy people who are actually protecting their network, spending their time and money on silly IDS solutions.So after you have had a successful intrusion, you really really wish that you had some logs to help tell you what happened. An IDS can provide some of those. Ideally, one closer to the original concept of NFR.Or perhaps you work for a group that requires investigating all attempts, and it becomes a survival technique to reduce those as much as possible. ;)Ryan _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
------------------------------------------------------------------- Roland Dobbins <rdobbins () cisco com> // 408.527.6376 voice UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. -- Doug Gwyn _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- so, is I[dp]S a STUPID technology? Gadi Evron (Oct 11)
- Re: so, is I[dp]S a STUPID technology? Paul Schmehl (Oct 11)
- Re: so, is I[dp]S a STUPID technology? Jordan Wiens (Oct 11)
- Re: so, is I[dp]S a STUPID technology? Aviram Jenik (Oct 11)
- Re: so, is I[dp]S a STUPID technology? Blue Boar (Oct 11)
- Re: so, is I[dp]S a STUPID technology? Roland Dobbins (Oct 11)
- Re: so, is I[dp]S a STUPID technology? Paul Schmehl (Oct 11)
- Re: so, is I[dp]S a STUPID technology? Aviram Jenik (Oct 11)
- Re: so, is I[dp]S a STUPID technology? Jordan Wiens (Oct 11)
- Re: so, is I[dp]S a STUPID technology? Paul Schmehl (Oct 12)
- Re: so, is I[dp]S a STUPID technology? Blue Boar (Oct 12)
- Re: so, is I[dp]S a STUPID technology? Paul Schmehl (Oct 12)
- Re: so, is I[dp]S a STUPID technology? Blue Boar (Oct 12)
- Message not available
- Re: so, is I[dp]S a STUPID technology? Paul Schmehl (Oct 13)
- Re: so, is I[dp]S a STUPID technology? Paul Schmehl (Oct 11)
- Re: so, is I[dp]S a STUPID technology? Robert Edmonds (Oct 20)
- Re: so, is I[dp]S a STUPID technology? Paul Schmehl (Oct 20)