|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Hi, I want to study IPS
From: Velasquez Venegas Jaime Omar (jaime
ulima.edu.pe)
Date: Thu May 13 2004 - 13:46:21 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Back when I recently was exposed to IPS term , I tried to understand it
and hardly put it in a well-structured categorie of IDS.
When I got into the details each of one does , then I could find out
that there is no a unique definition for such term.
Every vendor will take the best part of other similar technologies and
will call it whatever it wants to call it.
ISS RealSecure can be defined as just an IPS or an IDS even if it has
the ability to drop/reset tcp connections? Yes and No.I mean , by
drop/resetting a connection it is not being a simple sniffer, it is
taking an action indeed.
Now,I try to stick to that IPS definition that says that IPS is:
An Inline Security Device which not only sniffers traffic as much as it
can but the WHOLE traffic goes through it.
It is able to do some action based on Intrustion Engine
(Behaviour/Signature Analysis)
Jaime Velasquez
-----Original Message-----
From: Shawn [mailto:wjvenoshaw.ca]
Sent: Thursday, May 13, 2004 00:29
To: 'cto'
Cc: focus-idssecurityfocus.com
Subject: RE: Hi, I want to study IPS
IDS and IPS are using the same tools and same abilities. They are
actually the same. IPS came out as a "catch phrase" as a "different"
solution than IDS. Please refer to the recent posting from "Frank
Knobbe" and "Jason" as a reference. Don't get fooled in terminology and
remember there is no "one" solution. Many of us use 4 or 5 types of
systems to pull everything together into an IDS solution. Best of luck
with your task. HAGO.
Wil Veno
wjvenoshaw.ca
shawnwhitehats.ca
-----Original Message-----
From: cto [mailto:ctokdds.co.kr]
Sent: Tuesday, May 11, 2004 7:10 PM
To: focus-idssecurityfocus.com
Subject: Hi, I want to study IPS
Hi,
My name is Kyle and developer.
I'm developing a NIPS(Network Intrusion Prevention System).
I wonder what is different between NIDS and NIPS.
Where can I acquire documents or anything that explain NIPS. Please let
me know that.
Have a nice day!!!
PS: I'm sorry for poor English.
----------------------------------------------------------------------
-----
----------------------------------------------------------------------
-----
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]