Penetration Testing mailing list archives

Re: IPS arguments

From: Keith Pasley Com6 <kpasley6 () comcast net>
Date: Fri, 20 Feb 2009 19:32:46 -0500

IPS is not the same as a firewall. De is an access control device. IPSfunction is looking attacks that come through the fw. Unified securityappliances which now include IPS function are increasingly blurringthe distinction between the two components.



Sent from my mobile

On Feb 19, 2009, at 3:42 AM, "M.D.Mufambisi" <mufambisi () gmail com>wrote:

Hi Hugo.

I am also in the same dilemma as you are. I work for a consultancy
firm and one of the advisors here told the client to get an IPS in
addition to a firewall, antivirus etc. I really do not get it. With
the IPS wont there be 2 firewalls now?
Also, im not into penetration tests but i sure wish to move into that
field. May i please have advice on procedures and tests performed
during a pen test? Or a framework of some sort? Your advice will be
greatly appreciated. Oh, i see you have your trojan. What language did
you use to code it? How do i get to train myself to develop security
tools/trojans etc?

Hope to hear from you soon.

Kind regards,

On 2/14/09, Hugo Vinicius Garcia Razera <hviniciusg () gmail com> wrote:

Hello Gentleman's,

I have finished a penetration testing to a client like a month ago.
The company i worked for used some practices that i don't agree with.
that's one of the reasons i resigned. any way they managed to shell
the audited company a CISCO IPS using the results of the pen test.

Well the thing is that the CIO of that company is refusing to install
the IPS on their network even after his company has already put a buy
order for the equipment and said IPS is know on their building but he
refuses to install such equipment, augmenting that it is totally
unnecessary because they all ready have an Microsoft ISA server
Firewall in place, and symantec enpoint protection on the clients
machine.

Can any one point me why, they need an IPS?

The old company i worked for wants me to penetrate their network, to
proof them they need an IPS . this time I'm thinking on deploying an
old Trojan i coded.

but i would like to have more compelling arguments on why some oneneeds an

IPS

thanks for the time replying to my questions

Hugo

Current thread:

Re: IPS arguments, (continued)
- Re: IPS arguments arvind doraiswamy (Feb 20)
- Re: IPS arguments Esteban Farao (Feb 20)
- Re: IPS arguments JiPi DiNi (Feb 20)
- RE: IPS arguments Shenk, Jerry A (Feb 20)
- Re: IPS arguments M.D.Mufambisi (Feb 20)
  - Re: IPS arguments Micheal Cottingham (Feb 22)
  - Re: IPS arguments Danny Fullerton (Feb 22)
    - Re: IPS arguments Javier Reyna (Feb 26)
    - Re: IPS arguments Trygve Aasheim (Feb 27)
    - Re: IPS arguments Webmaster 003 (Feb 27)
  - Re: IPS arguments Keith Pasley Com6 (Feb 22)
  - Re: IPS arguments David Howe (Feb 22)
- RE: IPS arguments JoePete (Feb 22)
- Re: IPS arguments Adriel T. Desautels (Feb 26)
- Re: IPS arguments kellstr (Feb 20)