Hi,
Seems to me hype, no more...
Our no-hype gurus are talking about how an intrusion can be
identified. Up to now - if i'm not mistaken - what we can say is:
We can process the log and the audit trail, in order to minimize
the part which needs human inspection and further analysis to find
out if it was a "hack" or not.
I don't belive that any of our existing code - be it stateful
inspection, application gw, whatever - is capable of identifing all
future attack types, capable of deciding if a "never ever seen
someting" is a hack or not.
Third: what kind of counter attack would it launch? Is it
continuously developping new attacks? Or is it trying sequentially
all the already known exploits? If yes, an up to date firewall
POSSIBLY can resists all of them.
regards,
Zoltan
> Anyone else heard of this? Seems like pure hype based on fiction to
>me....Is this pure marketing smoke, or is there some sort of unreal
>counter-attack technology bundled into this product?
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:58:53 PDT