From: Rhino Bond (rhino007_us@yahoo.com)
Date: Wed May 08 2002 - 17:37:05 EDT
Folks,
Since many of us are intensly commited to learning,
research and knowledge I felt it appropriate to post
this here. At my current contract we are trying to
come up with a set of rules that is "all inclusive"
(as much as possible). Granted a Security Policy is
part of it, so are firewall rules, so might be the
rules for the IDS. When I asked for further
clarification on this topic, I was told, "you know
something like "fuzzy-logic" that states IF "A" then
"Z" (for example a hacker is hacking away at the
firewall), BUT if the hacker breaks through the
firewall, then We need to jump to IDS rules, so now
it's IF B then Y, and if the hacker get's into the
corporate piggy bank and steals money, then it's IF C
then X...
Any thoughts on this? Anyone seen a white paper on
such a set of rules?
Cheers, David
David R. Hawley, CISSP
__________________________________________________
Do You Yahoo!?
Yahoo! Health - your guide to health and wellness
http://health.yahoo.com
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:28:08 EDT