lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: florin at sgi.com (Florin Andrei)
Subject: Is Marty Lying?

On Mon, 2003-09-22 at 14:13, security snot wrote:
> "Detect intrusions" - if you can set an IDS signature for something, then
> you shouldn't be vulnerable to it.  So the functionality of IDS is to tell
> you when you've been compromised by six-month old public vulnerabilities
> that dvdman has finally gotten his hands on an exploit for, that you never
> bothered to patch for?

True, in an ideal world.
However, in the _real_ one, things are slightly different. Especially on
large networks (> thousands of systems), funny things start to happen.

Your p.o.v. is typical for someone who only has the experience of a
mom'n'pop type of network.

-- 
Florin Andrei

http://florin.myip.org/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ