|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Stefano Zanero (s.zanero
securenetwork.it)
Date: Mon Sep 24 2007 - 13:16:00 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
abhicc285gmail.com wrote:
> If the traffic is encrypted then it IDS will first have to decrypt
> the traffic. The IDS will have the keys to decryopt the traffic.
Correct.
> kind of design is certainly possible in HIPS where for SSL traffic
> keys can be uploaded,
Incorrect, in HOST intrusion prevention such artifice is not needed usually.
> forward the traffic to exploit/vulnerability specific rules. However
> it will be computationaly expensive.
This is not really the problem. The problem is: do you really want to
store all of your keys on another device.
Stefano
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]