[Snort-users] Getting more paranoid by the minute. :-/

AJ Butcher, Information Systems and Computing Alex.Butcher at ...11254...
Mon Apr 26 02:03:12 EDT 2004

--On 24 April 2004 21:35 -0400 "Shaun T. Erickson" <ste at ...11690...> wrote:

> The more I read Syngress Snort 2.0 book (I'm in chapter 5), the more I
> understand that there are an endless number of attacks out there. I'm
> concerned that my lack of knowledge will let an attacker at the data. I
> can't let that happen.
> How can I possibly learn enough, quickly enough, to write all the rules
> to protect my client, when I don't even know all the attacks and exploits
> that are out there?

You Can't. Don't Promise That You Can.

The client should be hiring you to /reduce/ exposure to risk, not to 
eliminate it. If this isn't what they /think/ they're hiring you to do, you 
need to reset their expectations, urgently.

> 	-ste

Best Regards,
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9

More information about the Snort-users mailing list