Rick Smith wrote: > Black Ice sounds like a PC firewall and intrusion detection bundle. I don't > see any surprising technology. The main thing seems to be pricing and > packaging -- it's designed for home/small office use. > > It would be interesting to hear how it compares with Marcus' (free for > download) BackOfficer Friendly. Black Ice marketing lit is fairly uninformative. However, when I said so in comp.security.misc :-) I got this very helpful post back from the Black Ice CTO ( http://x36.deja.com/[S0=90708c11189f544]/getdoc.xp?AN=471128515&CONTEXT=940988836.161874077&hitnum=15 , a deja.com query of subject="BLACKICE IDS" and looing for posts from Robert David Graham). The particularly interesting technologies seem to include: * back-scanning the intruder * the usual claim of "we have more signatures than anyone else" (I wouldn't know :-) * allegedly smarter scanning algorithms that do packet reassembly to detect fragmented attacks * designed to detect attacks inside the corporate LAN Disclaimer: I have absolutely nothing to do with Black Ice. I have not tried their product, I'm just passing along the relevant info. Crispin ----- Crispin Cowan, CTO, WireX Communications, Inc. http://wirex.com Free Hardened Linux Distribution: http://immunix.org
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:45:25 PDT