RE: [Snort-users] IDS and Firewall
This is a discussion on RE: [Snort-users] IDS and Firewall within the Snort forums, part of the System Security and Security Related category; At 09:17 AM 4/29/2004, Shaffer, Paul D wrote: >At 07:46 PM 4/28/2004, Matt ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-29-2004
|
|||
|
|||
RE: [Snort-users] IDS and Firewall
At 09:17 AM 4/29/2004, Shaffer, Paul D wrote:
>At 07:46 PM 4/28/2004, Matt Kettler wrote: > > >There are others (ie: Paul) who feel it's better to make the > >compromise in order to gain the benefits of having an IDS on hand. > >Matt, I had to start over because I was got dizzy trying to follow the >back and forth in that offline email we had going. I appreciate you >ceding this point. Yep, it's just a matter of difference of opinion on priorities. > And I remember when those two vulnerabilities you mentioned (in our > offline conversation) came out last year, but don't recall hearing about > them ever being successfully exploited. Exploits for the old snort 1.9.1 bugs are definitely in-the-wild and not theoretical: http://lists.debian.org/debian-secur.../msg00332.html http://packetstormsecurity.org/0304-.../p7snort191.sh >I'm sure you'll agree that generally speaking, computer security is all >about countering or mitigating risk. The old saying about the computer >locked in a safe at the bottom of the ocean comes to mind. True absolutes >a few and far between. Everything is a compromise at some level. Yep.. I agree with you.. You and I just have different priorities as to what parts of the compromise is important. We're just disagreeing on what the value of an IDS is, compared with the value of a secure firewall. To me, it's no question, but you think differently, and we both hold our opinions quite strongly. ------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
