[Snort-users] Fallacies and lies.

Bob Walder bwalder at ...1926...
Wed Nov 5 01:57:16 EST 2003


Gartner like to keep trotting this one out to garner some publicity - at
our recent NetEvents seminar in Cannes the highlight of the event was
the discussion panel entitled "IDS is Dead", on which we included IDS
vendors, IPS vendors and a Gartner representative. Even he admitted that
the statements in their recent press release were "a little strong" - I
put it to him that they were actually complete bollocks - the truth
probably lies somewhere in-between.

Note in this latest piece of drivel that they maintain that the firewall
can do all its firewall business plus some intrusion detection and
prevention, and all at wire speeds. Well, show me a firewall that can do
all of that at Gigabit speeds and I will eat my hat - most Gigabit
firewalls cannot even firewall at wire speeds, never mind anything else.
Note also that they maintain that "mature products will appear in 2005"
- so what are we supposed to do until then? I think IDS is safe for
now....

I am not a vendor of IDS/IPS product - I have no connection with any
such vendors (other than in my capacity as an independent tester of such
products) and so I have no real axe to grind here - but it really ticks
me off that Gartner can keep on coming out with crap like this and not
only getting away with it, but actually getting some mugs to pay for it!

Regards,

Bob Walder
Director
The NSS Group
www.nss.co.uk

------------------------------------------------------------------------
----------
This message is intended for the addressee only and may contain
information that may be of a privileged or confidential nature. If you
have received this message in error, please notify the sender and
destroy the message immediately. Unauthorised use or reproduction of
this message is strictly prohibited.



>> -----Original Message-----
>> From: snort-users-admin at lists.sourceforge.net 
>> [mailto:snort-users-admin at lists.sourceforge.net] On Behalf 
>> Of Mark Penny
>> Sent: 05 November 2003 10:07
>> To: snort-users at lists.sourceforge.net
>> Subject: [Snort-users] Fallacies and lies.
>> 
>> 
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> 
>> Hello,
>> 
>> Has anyone else seen this:
>> 
http://www.csoonline.com/analyst/report1660.html

There appears to be little basis in fact with this report. Our favourite
pig will quite happily perform at network speeds and in inline mode.

Regards,

Mark.
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.3

wkYEARECAAYFAj+ovbgACgkQprlSYjpr01LOnQCgn8Rgozmp4SUNw5aVAi9gIXVNTC8A
nAu8RCOcAattkCWBSyNVssZjPUB5
=IsGO
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427


-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program. Does
SourceForge.net help you be more productive?  Does it
help you create better code?   SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users






More information about the Snort-users mailing list