[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] intrusion detection - benifits?
Tom, I presume you're talking about Network based IDS. I'd say there's little point in having this without some form of Server or log based IDS involving file baselining, otherwise even if you detect suspicious network traffic, you can never be sure of tampering on the servers themselves. That would be the first step I'd advise taking. The second thing I'd ask is what traffic is allowed in through the Firewall and is it possible to exploit the applications that are available as a result ? This is the only traffic you have to worry about if you trust your Firewall software and your configuration of it. My .02's worth Seb At 11:21 28/11/2000 -0500, you wrote: Tom,
|