Hosting Provided By

Re: Active response... some thoughts.

From: Thomas H. Ptacek <tqbf(at)pobox.com>
Date: Tue Feb 04 2003 - 12:57:42 EST

On 1/31/03 1:22 PM, "Chris Travers" <chris@travelamericas.com> wrote:

> An IDS could have hooks into a routers filtering tables in order to

ACL countermeasures are generally avoided because it is hard to make them fail safely. It is not easy to push soft-state ACLs to Cisco and Juniper routers; the risk that the IDS could get desynchronized from the filter is large. Received on Wed Feb 5 17:42:34 2003

This message: [ Message body ]
Next message: Michael L. Artz: "Protocol Anomaly Detection IDS"
Previous message: Kistler Ueli: "IDScenter 1.1 rc1 released"
In reply to: Chris Travers: "Re: Active response... some thoughts."
In reply to Chris Travers: "Re: Active response... some thoughts."
Next in thread: Chris Travers: "Re: Active response... some thoughts."
Reply: Chris Travers: "Re: Active response... some thoughts."
Reply: Pete Herzog: "RE: Active response... some thoughts."
Reply: Ralph Los: "RE: Active response... some thoughts."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:09 EDT