Discussion on LinkedIn Group: What is the best IDS system?

That was the question recently asked by a fellow security professional on the LinkedIn Security Leaders Group.

I’m not usually very excited about posting on LinkedIn Discussion Groups. On top of that, I don’t even have the time to blog anything on my own site. However, I could not resist writing a comment on that discussion about what the best IDS system is. Not when I read the following comment:

Actually the idea of an IDS system has been obsolete for a few years now. Given the latest events in the security area, there are plenty of traffic anomalies far more advanced than relatively-simple signatures out there to deal with.

The best approach nowadays is the IPS (Intrusion Prevention Systems) which would not only detect and inform IT management of the attack events but will also apply the necessary countermeasures to them. Most important of all, this must happen at wire-speed with ASIC-based systems.


Links to overcome the post-holiday syndrome

September came quickly and holidays are gone. Well, at least for me and for most of the people that live in this part of the world. If you happen to be one of those that survived the holiday season -and all its hassles- without even approaching your laptop, blackberry, iPhone, PDA or any other kind of “always-on” Internet device… you are either a liar or a hero.

Whatever you did, and despite the amount of money you spent, one thing is for sure: if you are reading this it’s safe to assume that you are still interested in reading about good infosec stuff, aren’t you?

Keep reading then and have a look at the following links containing a few interesting security tools, new forensic challenges and even a new Multi-Boot Security Live DVD:

  • DFRWS 2008 Rodeo (forensic challenge): The 8th annual Digital Forensic Research Conference was held from August 11 to 13, 2008 in Baltimore, MD. A key element of this conference is the “forensic rodeo”, a challenge where conference attendees form teams to solve a digital forensic problem. The DFRWS has made the materials for the 2008 Forensic Rodeo available on their website for educational purposes and to support further research in memory analysis and file carving. The scenario description and the image files can be downloaded from http://www.dfrws.org/2008/rodeo.shtml

Working in Sydney: updates from “Down Under”

It’s been about a week since I arrived in Sydney and it’s passed really quickly. I headed to Sydney on Sunday, July 6, via London, and will stay here for two weeks to work on an ISO 27001 security project that will extend to the beginning of 2009. The offices I’m working at, in Darling Park, are really nice, and the views over Darling Harbour simply awesome, as you can see below.

View over Darling Harbour

Now that my body is starting to recuperate from the 8-hour time difference, I’ve decided to upload a few pictures to the Photos area. There aren’t that many at the moment, but I’ll keep uploading more as I go.