[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Intrusion Detection
NEVER NEVER there... I have done my bad deeds for the day.... Just call me lazy not wanting to write a program for every client.... Hey I can hire a programmer for that and make millions !!! Sorry Lance... I just don't want to go there... I would rather educate the client and let them set their own paranoia levels. and to Steven Lee ... yes I have seen one inept client DOS themselves by pinging their FW from their upstream router..... hehe it was funny..... especially since I warned them about the very thing you warned me about today, 2 years ago. Jon ----- Original Message ----- From: "Lance Spitzner" <[email protected]> To: "Jon Vandiveer" <[email protected]> Cc: <[email protected]> Sent: Friday, January 12, 2001 6:12 PM Subject: re: [FW1] Intrusion Detection > On Fri, 12 Jan 2001, Jon Vandiveer wrote: > > > Currently there is only ONE certified IDS product for Checkpoint, > > RealSecure. Checkout www.opsec.com > > > > However I have heard that NFR (www.nfr.com) will work with Checkpoint > > > > Just remember that Intrusion Detection is different from Intrusion Response. > > i.e. Sn0rt does detection, but cannot Block connections; while RealSecure > > can issue commands to FW's and routers. > > When dealing with Unix, one never says the word can't. It is possible > to have snort reconfiure FW-1 rules. > > http://www.enteract.com/~lspitz/intrusion.html > > However, I would be EXTREMELY careful how you can use this feature. > > lance > > > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|