Tim Holman wrote: > Probably, but then no IDS/IPS is ever going to offer you 100% protection > (ie you need defense in depth), so should such a list _really_ matter?
Totally correct. If you add that IPS products (as well as most IDS products) are fundamentally misuse-based, they will likely miss any new attack, or specific attack against your own applications, this becomes even more academic. This is not an excuse for lame products, and HD and co. made a very very good presentation and nice work ;) Stefano ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
