| 1 |
On Sat, 2004-09-11 at 11:37, Daniel wrote: |
| 2 |
> -----BEGIN PGP SIGNED MESSAGE----- |
| 3 |
> Hash: SHA1 |
| 4 |
> |
| 5 |
> |
| 6 |
> > |
| 7 |
> > Would it make sense to put disaster recovery programs |
| 8 |
> |
| 9 |
> Definately |
| 10 |
> |
| 11 |
> > and IDS programs |
| 12 |
> > in there too? |
| 13 |
> |
| 14 |
> Wasn't thinking about it. IDS programs have a different philosophy. Forensics |
| 15 |
> and disaster recovery programs carefully control, extract and present data |
| 16 |
> into a usable form. |
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
> IDS is a system hardening and prevention of data damage. |
| 21 |
|
| 22 |
Sorry for the nit pick but this this statement is incorrect. |
| 23 |
An IDS does nothing to harden a system. They are not preventive at all. |
| 24 |
You can still get compromised just same regardless if you have an IDS in |
| 25 |
place or not. They only serve to provide an audit trail. Programs such |
| 26 |
as hogwash are an IPS as they make an effort to (re|pro)actively avoid |
| 27 |
compromises. |
| 28 |
|
| 29 |
> |
| 30 |
> - -- |
| 31 |
> Daniel Black <dragonheart@g.o> |
| 32 |
> -----BEGIN PGP SIGNATURE----- |
| 33 |
> Version: GnuPG v1.2.4 (GNU/Linux) |
| 34 |
> |
| 35 |
> iD8DBQFBQxvShhpKunZncJcRAui7AKCCzuofXlEkRn3W/OQXgTpImU1uNACeL6g3 |
| 36 |
> /sYV1///k1VVQ+L+N9ZtYhg= |
| 37 |
> =FgKV |
| 38 |
> -----END PGP SIGNATURE----- |
| 39 |
> |
| 40 |
> -- |
| 41 |
> gentoo-dev@g.o mailing list |
| 42 |
-- |
| 43 |
Ned Ludd <solar@g.o> |
| 44 |
Gentoo (hardened,security,infrastructure,embedded,toolchain) Developer |
Archives