[unisog] IPS

Dave Ellingsberg dave.ellingsberg at csu.mnscu.edu
Tue Feb 8 14:15:24 GMT 2005


One item not discussed is possible DoS against major customers of your
institutions.  If addresses are spoofed in an attack against your
institution with addresses of your major users does this cause an
interruption of service to your major customers.  Has anyone experienced
this sort of attack against an IPS service?

bigfoot

| Wes,
|
| What are your requirements?  IDS or IPS might not be the best
answer,
| depending on what you want to do.  Network Based Anomaly Detection
might
| better fit the bill, as it did for us (with QRadar).
|
| What do you need the tool to do?
|
| -Dan
|
| _________________
| Daniel Adinolfi, CISSP
| Senior Security Engineer, IT Security Office
| Cornell University - Office of Information Technologies
| email: dra1 at cornell.edu   phone: 607-255-7657
|
| _______________________________________________
| unisog mailing list
| unisog at lists.sans.org 
| http://www.dshield.org/mailman/listinfo/unisog 
|
|

- --
Wes Young
Network Security Analyst
University at Buffalo
GPG Key: http://saxjazman9-security.blogspot.com/2005/01/gpg-key.html 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCCL711M5o0FsrrbERAmX8AJ9leC5BNBRmoPJ+hW81jed/H15QrgCgnA3T
Ef1PqLo4kUXPdCgRcSXc3fc=
=fdwu
-----END PGP SIGNATURE-----
_______________________________________________
unisog mailing list
unisog at lists.sans.org 
http://www.dshield.org/mailman/listinfo/unisog



More information about the unisog mailing list