IDS: Re: IDS testing methodologies

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

IDS mailing list archives

Re: IDS testing methodologies

From: Mike Lyman <mlyman-security () comcast net>
Date: Fri, 02 Jan 2004 18:03:39 -0600

On Fri, 2004-01-02 at 08:52, Alvin Oga wrote:

in my book ... ( small world ) .. an IDS is not very useful, because, the
cracker is already in your network ... game over ...


Don't forget that once in, you still have to get him out. If the cracker
is in, the game has only just begun. If the guy has touched more than
one system, IDS can still play a major roll here, especially your home
grown IDS systems that are tailored to your environment. 

-- 
Mike Lyman <mlyman-security () comcast net>


---------------------------------------------------------------------------
---------------------------------------------------------------------------

By Date By Thread

Current thread:

IDS testing methodologies Henrik Falkenthros, direktoer (Jan 02)
- Re: IDS testing methodologies Nigel Houghton (Jan 02)
- Re: IDS testing methodologies Ron Gula (Jan 02)
- Re: IDS testing methodologies Alvin Oga (Jan 02)
  - Re: IDS testing methodologies James Riden (Jan 05)
  - Re: IDS testing methodologies Mike Lyman (Jan 05)
    - Re: IDS testing methodologies s tart Alvin Oga (Jan 06)
  - Re: IDS testing methodologies Stephen P. Berry (Jan 06)
- Re: IDS testing methodologies Sam f. Stover (Jan 02)
- RE: IDS testing methodologies Henrik Falkenthros, direktoer (Jan 05)
- Re: IDS testing methodologies hoop (Jan 05)