[Snort-users] IDS and Firewall
mkettler at ...4108...
Thu Apr 29 12:07:01 EDT 2004
At 09:17 AM 4/29/2004, Shaffer, Paul D wrote:
>At 07:46 PM 4/28/2004, Matt Kettler wrote:
> >There are others (ie: Paul) who feel it's better to make the
> >compromise in order to gain the benefits of having an IDS on hand.
>Matt, I had to start over because I was got dizzy trying to follow the
>back and forth in that offline email we had going. I appreciate you
>ceding this point.
Yep, it's just a matter of difference of opinion on priorities.
> And I remember when those two vulnerabilities you mentioned (in our
> offline conversation) came out last year, but don't recall hearing about
> them ever being successfully exploited.
Exploits for the old snort 1.9.1 bugs are definitely in-the-wild and not
>I'm sure you'll agree that generally speaking, computer security is all
>about countering or mitigating risk. The old saying about the computer
>locked in a safe at the bottom of the ocean comes to mind. True absolutes
>a few and far between. Everything is a compromise at some level.
Yep.. I agree with you.. You and I just have different priorities as to
what parts of the compromise is important.
We're just disagreeing on what the value of an IDS is, compared with the
value of a secure firewall. To me, it's no question, but you think
differently, and we both hold our opinions quite strongly.
More information about the Snort-users