On Sat, 2004-09-11 at 11:37, Daniel wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> >
> > Would it make sense to put disaster recovery programs
> 
> Definately
> 
> > and IDS programs 
> > in there too?
> 
> Wasn't thinking about it. IDS programs have a different philosophy.  Forensics 
> and disaster recovery programs carefully control, extract and present data 
> into a usable form. 



> IDS is a system hardening and prevention of data damage.

Sorry for the nit pick but this this statement is incorrect.
An IDS does nothing to harden a system. They are not preventive at all.
You can still get compromised just same regardless if you have an IDS in
place or not. They only serve to provide an audit trail. Programs such
as hogwash are an IPS as they make an effort to (re|pro)actively avoid
compromises.

> 
> - -- 
> Daniel Black <dragonheart@gentoo.org>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (GNU/Linux)
> 
> iD8DBQFBQxvShhpKunZncJcRAui7AKCCzuofXlEkRn3W/OQXgTpImU1uNACeL6g3
> /sYV1///k1VVQ+L+N9ZtYhg=
> =FgKV
> -----END PGP SIGNATURE-----
> 
> --
> gentoo-dev@gentoo.org mailing list
-- 
Ned Ludd <solar@gentoo.org>
Gentoo (hardened,security,infrastructure,embedded,toolchain) Developer