Augusto Paes de Barros blog on many things cybersecurity.
Thursday, April 27, 2006
Bejtlich and IPSxIDS
Richard Bejtlich is one of the best sources of information and reasonable opinions about intrusion detection. He wrote a very precise argument about why Detection is important even when you can use Prevention. I'll quote him here:"traffic inspection is best used at boundaries between trusted systems. Enforcement systems make sense at boundaries between trusted and untrusted systems."Very good!