 
Dailydave mailing list archives
Re: Risk Management Services
From: "Mark Teicher" <mark.teicher () gmail com>
Date: Tue, 3 Apr 2007 15:54:08 -0400
Can you actually pull data from the management station and produce legible reports yet?? On 4/3/07, trklisted () networksamurai org <trklisted () networksamurai org> wrote:
 I have about 1500 blink agents deployed at my hospital here in miami.
I've been on the product since it was unusable (version 1.2). Version 2.0was awesome,
3.0 is better. I have taken it to a bunch of war nets and different cons
and it stands up.
Although its a part of the fabric its not all of the fabric, we have been
worm / botnet / virus free for the most part since we've completed that
overhaul of the security fabric of that net.
moses, networksamurai.org
    According to Ryan Naraine[1], they're making 12 Million dollars a year
selling that and Retina, so someone's using it. Oddly, it's the exact same
amount of money that Sana just took in. Weird day in HIDS land.
I spent all night trying to massage the Mercur IMAP NTLM bug into
submission. Still nothing. Sometimes the hoolios are the hardest exploits.
Apparently people actually use these weird little Windows servers though so
they're worth doing. That's what I'm telling myself, after 10 hours on
Mercur, anyways.
-dave
[1]http://blogs.zdnet.com/security/?p=148
On 4/2/07, *C Q* <kyle.c.quest () gmail com> wrote:
There's probably two reasons why nobody wants to buy HIDS...
First, which especially applies to Blink (made by eEye), it's
because it's unusable... I turned it off and uninstalled it
after using it for just a few minutes. Second, companies
rely on their significant investements in firewalls, IPSes,
application proxies, etc and they feel that they are protected
enough (I'm not saying that they are correct in their assumptions,
but that's what they usually think :-) ).
Companies do, however, buy other types of host-based
"risk management systems" that try to protect their IP,
sensitive information, etc, which also helps them with compliance
(SOX,HIPAA,PCI,etc).
 On 4/2/07, *Dave Aitel* < dave.aitel () gmail com> wrote:
A HIDS shakeup? Sana takes in more money and Ross Brown gets fired from
eEye's CEO all in the same day? I never can get anyone to buy HIDS. We often
recommend it in our reports, but no company ever bites the bullet and does
it. Perhaps when they think HIDS they think this:
http://media1.break.com/dnet/media/content/pic2903.jpg .
I wanted to point out that Applied Security has posted the results from
their shmoocon hacking contest (note that I come in last!).
http://www.appliedsec.com/conferences.html
They've also got a server set up so everyone can play, which, I have to
say, takes cojones. I guess that's the sort of thing you can do when you are
a sponsor for GRSecurity.
-dave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Risk Management Services Dave Aitel (Apr 02)
- Re: Risk Management Services C Q (Apr 02)
- Re: Risk Management Services Dave Aitel (Apr 02)
- Re: Risk Management Services Paul Melson (Apr 03)
- Re: Risk Management Services Jeff Moore (Apr 03)
 
 
- Re: Risk Management Services Dave Aitel (Apr 02)
- Re: Risk Management Services Adriel T. Desautels (Apr 03)
 
- Re: Risk Management Services C Q (Apr 02)
- <Possible follow-ups>
- Re: Risk Management Services trklisted (Apr 03)
- Re: Risk Management Services Mark Teicher (Apr 03)
- Re: Risk Management Services trklisted[at]networksamurai[dot]org (Apr 03)
 
 
- Re: Risk Management Services Mark Teicher (Apr 03)
- Re: Risk Management Services Jeff Moore (Apr 03)


