[177778] in North American Network Operators' Group
Re: Checkpoint IPS
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Feb 5 11:47:49 2015
X-Original-To: nanog@nanog.org
To: Terry Baranski <terry.baranski.list@gmail.com>
In-Reply-To: Your message of "Thu, 05 Feb 2015 09:31:49 -0500."
<CACAVgUy0Q8_wHcmez2FHg0sVJUynGJ_P85AoRkn=UJ73aprcEQ@mail.gmail.com>
From: Valdis.Kletnieks@vt.edu
Date: Thu, 05 Feb 2015 11:46:55 -0500
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
--==_Exmh_1423154815_2002P
Content-Type: text/plain; charset=us-ascii
On Thu, 05 Feb 2015 09:31:49 -0500, Terry Baranski said:
> People tend to hear what they want to hear. Surely your claim can't be that
> an IPS has never, in the history of Earth, prevented an attack or exploit.
> So it's unclear to me what you're actually trying to say here.
Count up the number of *actual* attacks they have stopped that wouldn't
have been stopped otherwise, and contrast it to the number of times they've
been used as the *basis* for an attack (DDoS via state exhaustion, for starters)
or their failure has caused operational issues. Remember that one of the
three security pillars is "Availability".
Still think they're a good idea?
--==_Exmh_1423154815_2002P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Exmh version 2.5 07/13/2001
iQIVAwUBVNOefgdmEQWDXROgAQKSVg/6Av2yZxsVJMM4dkkYw/bTU9mDG71V9xVo
WqNg38J01vXFrbzfKdMxQg4wNW5D1f+ecoRDWqRn+UhrWhc8WSfC3T9snjbTiQUA
noYdF9wX4beEZ09dMC5ZG8ac7x+DeuOOQ3Py97n6U/y0Gqmkpqowh8KMEamhVSFH
UAD7VIvP/1DcLSOJ/ByKZAJP3kA+pRv8atvNVd2TDRXDowmzVqvoHGER6DnO3Hg8
XAj5RgNa5/lDbo6u2LrGyX4lD0aoX1YHIuvAfL18PchVCai1J4QOa32oq7PvA/kU
N4cxAnkNGQyOxjyixiA1ztr7uN/lXnMsumDMASToQ12WfqkQ1nDYaJpdLQ4bNHjQ
FCTHi8dBK4dWtj+/J3ofFEp3rbRqCG19laW8Imi5SU+8HzzA0srisLSoa2iB/297
JYjd2Pz/nQxItk2PnLmZsQyDbU4g+xN78V6NzdwXzToFEPM33qf2XaUTi6RF/Mvs
pipcFhdrnjGClIxwzNTLDlaE0Su1z0l074rJqOd3pQodkeceu7eOz8cywWm9103m
PuboePR8VR4wu8oPKQr5Ga1CHA3jIjRmn5l9dCoDMUxzyGI5RwQnZucgr8dq9Opl
4TnD6RfALvVTqPj4rafWe+iWMn/2bT+GBKmRooe/tG9GYpKpQmABOojQYiSWeclw
vESeuYQZ3ds=
=EQmG
-----END PGP SIGNATURE-----
--==_Exmh_1423154815_2002P--
