You're missing one point: Host IPS MUST be deployed with any Network Security (Firewalls os NIPSs).
No security solution/technology is the miracle protection alone, so that's the reason everybody is talking about defense in depth. Cheers. Nelson Brito Security Researcher http://fnstenv.blogspot.com/ Please, help me to develop the ENG® SQL Fingerprint™ downloading it from Google Code (http://code.google.com/p/mssqlfp/) or from Sourceforge (https://sourceforge.net/projects/mssqlfp/). Sent on an iPhone wireless device. Please, forgive any potential misspellings! On Jun 1, 2010, at 4:38 AM, rajendra prasad <[email protected]> wrote: > Hi List, > > I am putting my thoughts on this, please share your thoughts, > comments. > > Request length is less than the response length.So, processing small > amount of data is better than of processing bulk data. Response may > have encrypted data. Buffering all the client-server transactions > and validating signatures on them is difficult. Even though > buffered, client data may not be in the plain text. Embedding all > the client encryption/decryption process on the fly is not possible, > even though ips gathered key values of clients.Most of the client > protection is done by anti-virus. So, concentrating client attacks > at IPS level is not so needed. > > > Thanks > Rajendra > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
