Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

focus-ids logo IDS mailing list archives

Signatures taking down network
From: David Williams <dwilliamsd () gmail com>
Date: Sat, 14 Jan 2006 09:03:53 -0500
I'm evaluating a Tipping Point box and after gettting the latest
signatures I'm having problems with the box "crashing".  My goal is
not to bash Tipping Point, but instead to gather information on how
often people have seen this type of thing among IPS boxes.

Is there a trend with vendors to roll out signatures as fast as
possible without proper QA?  This brings up a lot of questions about
deploying IPS.  I want two opposite things from my vendors:  1) I want
the latest signatures super fast.  2)  I want proper QA so that it
doesn't bring down my network.  I realize those two things are
contradictory, but I thought I'd throw it out there to see if anybody
had any thoughts.

thanks,

d

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]