Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > focus-ids > 03 > 060729.html (Request Expert securityfocus.com Support)

Re: Rather funny; looks like page defacement to me

From: Callan K L Tham <miburo(at)singnet.com.sg>
Date: Sun Jun 15 2003 - 00:02:02 EDT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Saturday 14 June 2003 03:48, broyds@rogers.com wrote:
> In general, they are perfectly correct.

It's interesting that you say that. I would think the point you're making here is "The admin doesn't know what's going on in his network to monitor traffic properly to properly make use of IDS. Most networks are badly designed in the first place to take advantage of IDS capabilities."

In that case the problem lies with the people who designed it and the competence of the admin they hired; remember, you pay peanuts, you get monkeys. A competent network admin _must_ know what his traffic looks like. That's why he gets paid. If he doesn't no amount of firewalls, IDS, IPS, etc will save his butt.

I think these analysts are out for publicity; they simply don't make sense.

>Interestingly, they denigrate Intrusion

Agreed; I believe IPS would be a good next step for companies already with IDS installed.

Do you need help?X

> Most IDS are still installed by people who don't even

I agree that the average sysadmin might not be able to handle an IDS straight off. But an admin who don't understand TCP/IP? Why does he even have a job? Oh wait...that explains the countless amount of codereds and nimdas and sadminds I see _every_ day....

If the arguments are admin incompetence and poorly-designed networks, then they do not hold water. A company who doesn't care about it's IT infrastructure deserves to be cracked; and admin who doesn't know TCP/IP (I got a good laugh from that) should be paraded on the streets and flogged.

Just my lack-of-caffeine $0.02...just got outta bed...

Callan
- --
"I disapprove of what you say, but I will defend to the death your right to say it." - Beatrice Hall Registered Linux User #311796
ICQ UIN: 1926211
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE+6++7nyMhcbScbQYRAirOAJ4h5ClqEe08clgluj6UuunKhbqkUgCfUh5F C8m8DPYaKYeIVQLcwp/73kQ=
=/4EQ
-----END PGP SIGNATURE-----


Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the world's premier technical IT security event! 10 tracks, 15 training sessions, 1,800 delegates from 30 nations including all of the top experts, from CSO's to "underground" security specialists. See for yourself what the buzz is about! Early-bird registration ends July 3. This event will sell out. www.blackhat.com
Received on Tue Jun 17 09:52:42 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:14 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library