Wednesday, May 16, 2007


So, sometimes I highlight something that I found insightful or fun. But in other cases I like to point something stupid. For example, this IDS-related article deserves a prestigious spot in the later category. E.g.

* "that many IDS systems are already becoming less reliant on signatures, and using rule-based engines instead"
* "The product [IDS] isn't really changing"
* "
he expects IDS/IPS products to be packaged with honeynet technology as well"

The paper also has a pretty "shiny" collection of frustratingly obvious.

* "This generation of IDSs is getting better." - as opposed to getting worse? :-)
* "IDS data is being used as part of intelligence-collection for forensics" - wow, this is deep insight from an expert right there ! :-)

So, was Mr Schultz misquoted or did he lose touch from being in academia for too long? Judging by his book ("Intrusion Detection and Prevention") is has to be the latter ...

Dr Anton Chuvakin