| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 Jun 2010 18:28:03 +0530
From: rajendra prasad <rajendra.palnaty@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Why the IPS product designers concentrate on
server side protection? why they are missing client protection
Hi List,
I have started this discussion with respect to Network IPS.
Thanks
Rajendra
On Tue, Jun 1, 2010 at 1:08 PM, rajendra prasad
<rajendra.palnaty@...il.com>wrote:
> Hi List,
>
> I am putting my thoughts on this, please share your thoughts, comments.
>
> Request length is less than the response length.So, processing small amount
> of data is better than of processing bulk data. Response may have encrypted
> data. Buffering all the client-server transactions and validating signatures
> on them is difficult. Even though buffered, client data may not be in the
> plain text. Embedding all the client encryption/decryption process on the
> fly is not possible, even though ips gathered key values of clients.Most of
> the client protection is done by anti-virus. So, concentrating client
> attacks at IPS level is not so needed.
>
>
> Thanks
> Rajendra
>
>
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists