Monday, April 17, 2006

On the Utility (Futility?) of HIPS?

Do you like the idea of "hardening" a host by installing a host intrusion prevention system (HIPS)? Dailydave list has this fun discussion on the value (and hackability of HIPS), check it out. Here is one take on it - patching is more useful than HIPS:

Fwd: [Dailydave] RE: We have the enemy, and the enemy is... you: "Verdict [on HIPS]:

Don't buy them! Don't spend the time and the energy to get them to work
for your enterprise. There are several reasons for me to say this but i
would like to first start offering you the alternative.


Pay attention to what MSFT is doing!"

Others violently disagree...

Dr Anton Chuvakin