Hosting Provided By

Re: new on IDSs

This message: [ Message body ] [ More options ]
Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ RE: new on IDSs ] [ Replies ]

From: David W. Goodrum <dgoodrum(at)nfr.com>
Date: Mon Jan 27 2003 - 13:33:42 EST

Actually Omar, NFR's NID engine performs passive OS fingerprinting. So, we re-assemble fragments the same way as the destination OS, thus avoiding that common problem among most other NIDS technologies.

Omar Herrera wrote:
> Dear Vladimir,

>>hi all,
>>
>>I'm interested in NIDS and i was wondering if somebody could, please,
>>answer
>>these questions or give me some information (links, etc):
>>
>>1.- Which are NIDS limitations, in addition of pattern-matching

>
> inherent
>

>>limitations?
>>
>>2.- Wich technologies or investigation lines are trying to minimize or
>>even
>>correct this limitations?
>>
>>3.- What about distributed NIDS?
>>

>
>
>
> ---
> Outgoing mail is certified Virus Free.

-- 
David W. Goodrum
Senior Systems Engineer
NFR Security
Mobile: 703.731.3765
Office: 240.747.3425

Received on Mon Jan 27 14:40:34 2003

This message: [ Message body ]
Next message: Talisker: "Re: Active response... some thoughts."
Previous message: Lance Spitzner: "Know Your Enemy: Learning with VMware"
In reply to Omar Herrera: "RE: new on IDSs"
Reply: Umesh Shankar: "Re: new on IDSs (Context-awareness in IDSes)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:06 EDT