On Wednesday, January 25, 2017 at 6:22:14 PM UTC+1, raah...@gmail.com wrote:
> On Tuesday, January 24, 2017 at 9:15:10 AM UTC-5, Kopimi Security wrote:
> > On Monday, January 23, 2017 at 8:38:56 PM UTC+1, Reg Tiangha wrote:
> > > Yeah, I tried it myself leaving my laptop turned on and on learning mode
> > > for three weeks straight, but it didn't catch everything and certain
> > > things still failed so there's definitely some manual massaging that
> > > needs to be done.
> > 
> > Thank you for your input!
> > 
> > Would you think a sniffing approach, or a tripwire approach, to be better*?
> > 
> > * On a RAM-limited system
> 
> what do you mean by sniffing approach?  

Sorry for being unclear, I'm not a native speaker.

By "sniffing", I meant to refer to active monitoring of known attack types,  a 
pro-active approach as opposed to a more after-the-fact intrusion detection 
system.
Kind of like watchdogs for memory, and snort for ports.

Google recently wrote up some advice for hardening KVMs: 
https://cloudplatform.googleblog.com/2017/01/7-ways-we-harden-our-KVM-hypervisor-at-Google-Cloud-security-in-plaintext.html

Their number one advice is using a pro-active approach.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/02fa0201-0f4f-43c4-a786-164a6147d35d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to