| ||LinkBack||Thread Tools||Display Modes|
IPS + data center
I mull over how installation of IPS
device can increase security of data
center where the only service are http,
https and domain.
Could someone help me in deliberations ?
Re: IPS + data center
> I mull over how installation of IPS
> device can increase security of data
> center where the only service are http,
> https and domain.
> Could someone help me in deliberations ?
Would it help to say that among the paths to intrusion most favored by
attackers are attacks against web applications?
Without IDS/IPS there's nothing alerting you to suspicious http attack
signatures, and nothing locking out the IP's of script kiddies running
scripted attacks against common web application errors.
IPS isn't a substitute for having your web applications and server
configuration pen tested though, to identify vulnerabilities.
Re: IPS + data center
Sebastian Gottschalk napisał(a):
> A wonderful example why such IPSs are stupid. The "script kiddies" will
> spoof IP addresses of important hosts and your IP blocking will turn into a
> Only a fool would implement automatic reactions to IDS events.
True. But I can turn off DOS blocking option for several host.
I'am convinced that IPS in corporate network will very useful but what with data
Does IPS help securing serwers agains XSS, SQL injection, buffer overflow code
sending to server ? What else ?
And the final question is: what is the sense to shell 80k$ for such device ?
|Thread||Thread Starter||Forum||Replies||Last Post|
|HPSBGN02187 SSRT061280 rev.1 - Mercury LoadRunner, Performance Center, Monitor over Firewall, Remote Unauthenticated Arbitrary Code Execution||Security Alert||comp.security.misc||0||02-08-2007 10:06 PM|
|Gain the best from existing resources to improve data security||Andy Lotus||comp.security.misc||0||02-04-2007 07:00 AM|
|[SSL-Talk List FAQ] Secure Sockets Layer Discussion List FAQ v1.1.1||Shannon Appel||comp.security.misc||0||10-19-2005 05:37 AM|
|[SSL-Talk List FAQ] Secure Sockets Layer Discussion List FAQ v1.1.1||Shannon Appel||comp.security.misc||0||08-30-2005 05:26 AM|
|[SSL-Talk List FAQ] Secure Sockets Layer Discussion List FAQ v1.1.1||Shannon Appel||comp.security.misc||0||07-31-2005 05:25 AM|