Hi Dhruv, I agree with what you have said... but then there is no 100% fool proof method for detecting anything. As far as I've seen iPolicy Networks IDS protection is quite strong... :)
Vipul Kumra Sr. Security Analyst -----Original Message----- From: Dhruv Soi [mailto:[EMAIL PROTECTED] Sent: Saturday, October 08, 2005 11:20 AM To: [EMAIL PROTECTED]; [email protected] Subject: Re: IDS and Spywares Yeah you are right. Spyware detection through any anti-spyware program would be stronger mechanism than detecting it through IDS. But installation or information upload attempt of spyware can be blocked by IDS. Blocking may be in terms of detecting the vulnerability exploit attempt using which spyware installation occurs. Like IE vulnerabilities (IE chm, Drag Drop etc etc), or it could be detecting unique CLSIDs of known Spyware programs. And there are many products (Tipping Point, iPolicy etc. etc.) which claim that they block Spyware in their IDS. But I don't believe that Network based Spyware detection is full proof protection for Spyware but still it helps to certain extend. Ciao Dhruv --- [EMAIL PROTECTED] wrote: > Could anyone in the group name a few IDS which > detect spywares. In my view spywares are to be > detected by an antivirus system and not by a network > device. > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to > http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > > to learn more. > ------------------------------------------------------------------------ > > __________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ __________________________________ Yahoo! Music Unlimited Access over 1 million songs. Try it free. http://music.yahoo.com/unlimited/ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
