IDS mailing list archives
RE: Intrusion Prevention
From: <Robert_Huber () bankone com>
Date: Wed, 11 Dec 2002 07:59:06 -0500
From what I understand, ForeScout tags all scans, so when they see a real attack and pick up the tag and accurately identify it. This works fine for most stuff; however, it assumes that all atacks start with a scan of some sort.
-----Original Message----- From: Adam Powers [mailto:apowers () lancope com] Sent: Tuesday, December 10, 2002 11:17 AM To: Paul Wayne Brager Jr; focus-ids () securityfocus com Subject: RE: Intrusion Prevention
From what I understand of the technology, they only accommodate external
threats. They don't provide protection against internal -> internal or internal -> external threats. Perhaps someone from Forescout could comment on this "limitation". Additionally, to say "100% accuracy" implies that they properly interpret 100% of the attacks (100% "precision" as another poster explained it). Unlikely. -----Original Message----- From: Paul Wayne Brager Jr [mailto:shonuff () houston rr com] Sent: Monday, December 09, 2002 1:25 AM To: intrusi0n () cox net; focus-ids () securityfocus com Subject: Re: Intrusion Prevention There's no such thing as no "false positives"...they smokin crack ----- Original Message ----- From: <intrusi0n () cox net> To: <focus-ids () securityfocus com> Sent: Thursday, December 05, 2002 9:12 PM Subject: Intrusion Prevention
Hello everyone, Has anyone here seen or used ActiveScout, by ForeScout technologies?
It claims to have a 100% accuracy , no false positives. I am rather skeptical, but I was wondering if anyone here has any expertise using or evaluating this.
Any input is greatly appreciated! ()()()()()
********************************************************************** This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you **********************************************************************
Current thread:
- Re: Intrusion Prevention, (continued)
- Re: Intrusion Prevention roy lo (Dec 10)
- Re: Intrusion Prevention Karl Lynn (Dec 11)
- RE: Intrusion Prevention Avi Chesla (Dec 09)
- Re: Intrusion Prevention Jill Tovey (Dec 09)
- Re: Intrusion Prevention Frank Knobbe (Dec 10)
- RE: Intrusion Prevention Adam Powers (Dec 10)
- RE: Intrusion Prevention Ralph Los (Dec 10)
- Re: Intrusion Prevention Vern Paxson (Dec 10)
- RE: Intrusion Prevention Chris Petersen (Dec 11)
- Intrusion Prevention Johnny Kho (Dec 23)
- RE: Intrusion Prevention Robert_Huber (Dec 11)
- RE: Intrusion Prevention Matthew L. McGuirl (Dec 11)
- RE: Intrusion Prevention Frank Knobbe (Dec 11)
- RE: Intrusion Prevention Carey, Steve T GARRISON (Dec 23)
- Re: Intrusion Prevention Dave Mitchell (Dec 23)
- Re: Intrusion Prevention Randy Taylor (Dec 24)
- Re: Intrusion Prevention Dave Mitchell (Dec 23)
- Re: Intrusion Prevention Rick Williams (Dec 27)
- OSEC [WAS: Re: Intrusion Prevention] Greg Shipley (Dec 29)
- NSS (was Re: Intrusion Prevention) Randy Taylor (Dec 30)