1 |
On Sat, 2004-09-11 at 11:37, Daniel wrote: |
2 |
> -----BEGIN PGP SIGNED MESSAGE----- |
3 |
> Hash: SHA1 |
4 |
> |
5 |
> |
6 |
> > |
7 |
> > Would it make sense to put disaster recovery programs |
8 |
> |
9 |
> Definately |
10 |
> |
11 |
> > and IDS programs |
12 |
> > in there too? |
13 |
> |
14 |
> Wasn't thinking about it. IDS programs have a different philosophy. Forensics |
15 |
> and disaster recovery programs carefully control, extract and present data |
16 |
> into a usable form. |
17 |
|
18 |
|
19 |
|
20 |
> IDS is a system hardening and prevention of data damage. |
21 |
|
22 |
Sorry for the nit pick but this this statement is incorrect. |
23 |
An IDS does nothing to harden a system. They are not preventive at all. |
24 |
You can still get compromised just same regardless if you have an IDS in |
25 |
place or not. They only serve to provide an audit trail. Programs such |
26 |
as hogwash are an IPS as they make an effort to (re|pro)actively avoid |
27 |
compromises. |
28 |
|
29 |
> |
30 |
> - -- |
31 |
> Daniel Black <dragonheart@g.o> |
32 |
> -----BEGIN PGP SIGNATURE----- |
33 |
> Version: GnuPG v1.2.4 (GNU/Linux) |
34 |
> |
35 |
> iD8DBQFBQxvShhpKunZncJcRAui7AKCCzuofXlEkRn3W/OQXgTpImU1uNACeL6g3 |
36 |
> /sYV1///k1VVQ+L+N9ZtYhg= |
37 |
> =FgKV |
38 |
> -----END PGP SIGNATURE----- |
39 |
> |
40 |
> -- |
41 |
> gentoo-dev@g.o mailing list |
42 |
-- |
43 |
Ned Ludd <solar@g.o> |
44 |
Gentoo (hardened,security,infrastructure,embedded,toolchain) Developer |