Go Back   Wireless and Wifi Forums > News > Newsgroups > alt.computer.security
Register FAQ Forum Rules Members List Calendar Search Today's Posts Advertise Mark Forums Read

 
Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 01-08-2007, 12:02 PM
mikahan
Guest
 
Posts: n/a
Default IPS + data center

Hello

I mull over how installation of IPS
device can increase security of data
center where the only service are http,
https and domain.

Could someone help me in deliberations ?


regards
mikahan

Reply With Quote
  #2 (permalink)  
Old 01-08-2007, 01:50 PM
Todd H.
Guest
 
Posts: n/a
Default Re: IPS + data center

mikahan <address@address.hidden> writes:

> Hello
>
> I mull over how installation of IPS
> device can increase security of data
> center where the only service are http,
> https and domain.
>
> Could someone help me in deliberations ?


Would it help to say that among the paths to intrusion most favored by
attackers are attacks against web applications?

Without IDS/IPS there's nothing alerting you to suspicious http attack
signatures, and nothing locking out the IP's of script kiddies running
scripted attacks against common web application errors.

IPS isn't a substitute for having your web applications and server
configuration pen tested though, to identify vulnerabilities.

Best Regards,
--
Todd H.
http://www.toddh.net/

Reply With Quote
  #3 (permalink)  
Old 01-09-2007, 08:21 AM
mikahan
Guest
 
Posts: n/a
Default Re: IPS + data center

Sebastian Gottschalk napisaƂ(a):
> A wonderful example why such IPSs are stupid. The "script kiddies" will
> spoof IP addresses of important hosts and your IP blocking will turn into a
> Self-DoS.
>
> Only a fool would implement automatic reactions to IDS events.


True. But I can turn off DOS blocking option for several host.
I'am convinced that IPS in corporate network will very useful but what with data
center ?

Does IPS help securing serwers agains XSS, SQL injection, buffer overflow code
sending to server ? What else ?

And the final question is: what is the sense to shell 80k$ for such device ?






Reply With Quote
Reply


« SSL info | Secure WLAN with OpenVPN tutorial (pretty long) »
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
HPSBGN02187 SSRT061280 rev.1 - Mercury LoadRunner, Performance Center, Monitor over Firewall, Remote Unauthenticated Arbitrary Code Execution Security Alert comp.security.misc 0 02-08-2007 09:06 PM
Gain the best from existing resources to improve data security Andy Lotus comp.security.misc 0 02-04-2007 06:00 AM
[SSL-Talk List FAQ] Secure Sockets Layer Discussion List FAQ v1.1.1 Shannon Appel comp.security.misc 0 10-19-2005 04:37 AM
[SSL-Talk List FAQ] Secure Sockets Layer Discussion List FAQ v1.1.1 Shannon Appel comp.security.misc 0 08-30-2005 04:26 AM
[SSL-Talk List FAQ] Secure Sockets Layer Discussion List FAQ v1.1.1 Shannon Appel comp.security.misc 0 07-31-2005 04:25 AM


All times are GMT. The time now is 07:17 PM.



Powered by vBulletin® Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.6.0 PL2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45