On 23 Mar 07, at 11:31, Stefano Zanero wrote:
Nomellames nunca wrote:
HIDS are different than NIDS.
Quite different.
NIDS cannot defend against insider
attacks, for example.
This is not true. It may be true that currently available NIDS, deployed
as they are currently deployed, cannot. But it's not a distinctive
feature of HIDS against NIDS in general.
>
Maybe Nomellames nunca was referring "insider" to users in the system
who try perform unauthorised actions whilst logged in. Not via a
network connection. Besides this, Stefano is right, having an
internal NIDS can be of help to detect/defend insider attacks and if
the proper technology is used, also misuse/abuse of resources.
cheers
(viva la birra Moretti!)
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
