[89680] in North American Network Operators' Group
RE: recommendations regarding IPS
daemon@ATHENA.MIT.EDU (Edward W. Ray)
Fri Mar 31 22:29:05 2006
From: "Edward W. Ray" <spamjail@mmicman.com>
To: "'Gadi Evron'" <ge@linuxbox.org>
Cc: "'Hegger, Stefan'" <Stefan.Hegger@lycos-europe.com>,
"'Robert E.Seastrom'" <rs@seastrom.com>, <nanog@merit.edu>
Date: Fri, 31 Mar 2006 19:28:14 -0800
In-Reply-To: <442DE983.6020601@linuxbox.org>
Errors-To: owner-nanog@merit.edu
> Except for one network I have been in charge with I have
> never found the need for any I[DP]S product and find them an
> almost complete waste of time and money.
Agreed, they just for people to "feel" more secure. I use it because I got
one free for selling a bunch to customers who needed them to satisfy various
regulatory requirements. Other than SQL Slammer and the occasional HTTP PHP
exploit attempts, I rarely see anything of consequence.
Edward W. Ray
CISSP, MCSE+Security, P.E., SANS GCIA Gold, SANS GCIH Gold
President
NetSec Design & Consulting
http://www.netsecdesign.com
(714) 997-9226
