Description : Application Intrusion Prevention Systems pefilm 8 mn - 13 mars 2008
Intrusion detection systems have existed for the last 20 years, and trends have shifted from using HIDS to using NIDS. Unfortunately Host Intrusion Detection Systems can only see symptoms of intrusions on a single host or set of hosts if distributed, and Network Intrusion Detection Systems can only see symptoms of intrusions on network segments. Intrusion Prevention Systems are inline IDSes that attempt to prevent an attack IF and only IF it was detected in the first place.
Unfortunately today's attacks target web applications and there is very little a NIDS or HIDS would catch of these, because they examine lower level protocols and symptoms. Among others, we will examine what would and what would not get caught with today's IPSes. Moving forward, this presentation will propose a new approach to protecting your data from attackers: Application Intrusion Prevention Systems.
We will introduce important new concepts of Network based Application Intrusion Prevention Systems (NAIPS) and Application based Application Intrusion Prevention Systems (AAIPS), counterparts and complements respectively of HIPS, and NIPS. We will look at existing technologies that can be used towards our goal, and put forward a few concrete and effective methods that could be used to perform the application intrusion prevention. Finally we will look at the advantages and limitation of each method
Hopefully, this presentation will pave the way to a new generation of Intrusion Prevention Systems.
Full video: http://video.google.com/videoplay?docid=-5884267248089217481
Menu > Revue des videos : - l'ensemble [tous] - par mots clé [tous] - par site [tous] - le tagwall video [voir] - Top bi-hebdo des videos [Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 18.104.22.168 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 22.214.171.124 to any 80"
- Nous contacter par mail