Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



IDS: RE: Intrusion Prevention

RE: Intrusion Prevention

From: <Robert_Huber_at_bankone.com>
Date: Wed, 11 Dec 2002 07:59:06 -0500

>From what I understand, ForeScout tags all scans, so when they see a real attack and pick up the tag and accurately identify it. This works fine for most stuff; however, it assumes that all atacks start with a scan of some sort.

-----Original Message-----
From: Adam Powers [mailto:apowers_at_lancope.com]
Sent: Tuesday, December 10, 2002 11:17 AM
To: Paul Wayne Brager Jr; focus-ids_at_securityfocus.com
Subject: RE: Intrusion Prevention

>From what I understand of the technology, they only accommodate external
threats. They don't provide protection against internal -> internal or
internal -> external threats. Perhaps someone from Forescout could
comment on this "limitation".

Additionally, to say "100% accuracy" implies that they properly
interpret 100% of the attacks (100% "precision" as another poster
explained it). Unlikely.

-----Original Message-----
From: Paul Wayne Brager Jr [mailto:shonuff_at_houston.rr.com]
Sent: Monday, December 09, 2002 1:25 AM
To: intrusi0n_at_cox.net; focus-ids_at_securityfocus.com
Subject: Re: Intrusion Prevention

There's no such thing as no "false positives"...they smokin crack
----- Original Message -----
From: <intrusi0n_at_cox.net>
To: <focus-ids_at_securityfocus.com>
Sent: Thursday, December 05, 2002 9:12 PM
Subject: Intrusion Prevention

> Hello everyone,
>
> Has anyone here seen or used ActiveScout, by ForeScout technologies?
It
claims to have a 100% accuracy , no false positives. I am rather
skeptical,
but I was wondering if anyone here has any expertise using or evaluating
this.
>
> Any input is greatly appreciated!
>
> ()()()()()
>

**********************************************************************
This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you
**********************************************************************
Received on Dec 11 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos