Home page logo
/

focus-ids logo IDS mailing list archives

useful real-life example of IDS/IPS
From: Shai Rubin <shai () cs wisc edu>
Date: Thu, 23 Mar 2006 12:17:32 -0600



Hello all,

I'm looking for a real-life case in which an IDS/IPS, if it had been deployed, could have prevented a security breach.

In particular, I'm looking for a case in which:

1. A hacker penetrates an organization's network using a known vulnerability (e.g., MS DCOM).
2. At that time, the organization does not use an IDS/IPS.
3. However, at the same time, there are commercially available devices that could have prevented the attack. By this I mean, a device that by that time, already had a signature that could have stopped the hacker above.

Vendors are welcome to suggest such cases, but all information must be publicly available.


Thanks

Shai Rubin

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]