Hosting Provided By

Re: Intrusion Prevention

From: Jill Tovey <jill.tovey(at)bigbluedoor.com>
Date: Mon Dec 09 2002 - 04:46:10 EST

('binary' encoding is not supported, stored as-is)
In-Reply-To: <20021206031213.FGIH2199.lakemtao01.cox.net@smtp.east.cox.net>

ActiveScout by all intents and purposes seems a unique and innovative approach to IDS technologies and provides a number of advantages over other detection systems, such as proactively detecting reconnaissance attacks.

However, as far as I can see the disadvantages could be that you can only run the sensor on a redhat 7.2 platform, which is fairly old now.

On testing it seems to have performed well, however, I have read that there have been some problems. ActiveScout is good at detecting attacks that are followed by reconnaissance activities, but does not catch all direct attacks made on a system.

I think it would work well with an anomaly-based IDS on the internal network.

Kind Regards,

Jill Tovey Received on Tue Dec 10 00:06:42 2002

This message: [ Message body ]
Next message: Paul Wayne Brager Jr: "Re: Intrusion Prevention"
Previous message: Alan Shimel: "RE: Reports from Cisco IDS"
In reply to: intrusi0n(at)cox.net: "Intrusion Prevention"
Next in thread: Frank Knobbe: "Re: Intrusion Prevention"
Reply: Frank Knobbe: "Re: Intrusion Prevention"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:04 EDT