Network-Based Solution for Phishing Attacks?

Network-Based Solution for Phishing Attacks? 16

Posted by Cliff on Monday October 10, 2005 @07:55PM from the still-need-to-educate-the-end-user-though dept.

An anonymous reader is curious about this: "A company called TippingPoint (3com) sells an Intrusion Prevention System (IPS) that promise 'to block phishing attempts and guard against identity theft'. What I found interesting is the wide spectrum of actions they take to acheive a single goal: 'The IPS uses a variety of mechanisms to detect and prevent phishing scams including vulnerability protection, pattern-matching protection, and behavior-based protection.' What do you think about the effectivness of IPS?"

Network-Based Solution for Phishing Attacks?

This discussion has been archived. No new comments can be posted.

Load All Comments

Search 16 Comments Log In/Create an Account

Comments Filter:

Nice marketing copy (Score:1, Interesting)

by Anonymous Coward writes:

It's not every day that you can get on "Ask Slashdot" by quoting brochure copy. If multiple vendors were mentioned I'd take this seriously, but this sounds a lot like a marketing shill to me.
- Re:Nice marketing copy (Score:1, Insightful)
  
  by Anonymous Coward writes:
  
  I am also a vendor of anti-phishing technology.
  You might want to check out my premium product offering. It's called "STOP CLICKING SHIT"
Since We started using IPS... (Score:5, Funny)

by SmurfButcher Bob ( 313810 ) writes: on Monday October 10, 2005 @09:02PM (#13760928) Journal

... I've lost 20 pounds, my acne has cleared up, my wife moved back in and doesn't want a divorce anymore, my dog somehow got un-hit by a car and is alive again, my son stopped using drugs, my daughter isn't pregnant anymore, my truck magically fixed itself and runs again, my boss called and gave me my job back, my dialup connection allows me to surf up to 5x faster than before, I'm not dumb enough to click on emails from banks anymore, I'm suddenly brilliant enough to realize that I've never had an EBay account, and I'm suddenly brilliant enough to realize that Paypal doesn't NEED to verify what my password is.

Yep, this IPS is amazing. It is only rivaled by the greatness of the Virus Scanner that runs on my PocketPC, which detects every known PktPC virus ever created. I'm still trying to figure out how they do that with a signiture database that is 0 bytes in length, but...

- - Re:Since We started using IPS... (Score:2)
    
    by SmurfButcher Bob ( 313810 ) writes:
    
    Hey, I said my wife moved back and doesn't want a divorce... :)
Not Good Enough...Yet (Score:5, Interesting)

by toleraen ( 831634 ) writes: on Monday October 10, 2005 @09:11PM (#13760975)

A few months ago I took part in a test of several IPS units from major manufacturers. We had the manufacturer set them up with the "toughest" settings to make our network as secure as possible. We ran several different hacks, malicious code, exploits, etc through the IPS. The IPSs blocked hardly any attacks through. Even exploits that were a decade old that the unit was supposedly blocking were allowed through. From what we could determine, they were pretty much glorified anti-virus boxes. They relied far too much on signature files instead of heuristics. IPSs have a long way to maturity IMHO.

Intrusion Protection (Score:1)

by cuteseal ( 794590 ) writes:

Is that what they're calling it now? The functionality they're describing sounds more like spam filtering.
Dunno about you, but Intrusion Protection conjures up images of firewalls, virus scanning and script blocking software to me...
What do you think about the effectivness of IPS? (Score:4, Insightful)

by droleary ( 47999 ) writes: on Tuesday October 11, 2005 @02:41AM (#13762720) Homepage

They appear to be supremely effective in getting a Slashvertisement. An anonymous reader my ass . . .

Impossible (Score:2)

by Kevin Burtch ( 13372 ) writes:

It can't possibly work.

Nearly every company I deal with for paying bills, purchasing, etc... all use an outside company for bill-processing.
I get emails all of the time from my utilities providers (water, electricity, phone, cable+internet, etc.) for various reasons that happen to have links to outside companies.

Even ebay/paypal do this, although verification with them is easier - a simple "whois ebay-whateverthisnewhostnameiveneverheardof.com" returns the same owners as "whois ebay.com".

Unfortunately, I ha
Not so new... (Score:2)

by HavokDevNull ( 99801 ) writes:

unless they scan at the packet level, but Mailscanner http://mailscanner.info/ [mailscanner.info] already does a pretty good job of detecting and disarming those types of messages already. My MailScanner setup uses Postfix / Postgrey / Clamav / Spamassassin / bayes / Rules DeJour /w some custom rules of my own thrown in.. And so far my users have not seen one phish attempt nor virus and not only that but Mailscanner has been detecting these for over a year now.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Network-Based Solution for Phishing Attacks? 16

Network-Based Solution for Phishing Attacks? More Login

Network-Based Solution for Phishing Attacks?

Nice marketing copy (Score:1, Interesting)

Re:Nice marketing copy (Score:1, Insightful)

Since We started using IPS... (Score:5, Funny)

Re:Since We started using IPS... (Score:2)

Not Good Enough...Yet (Score:5, Interesting)

Intrusion Protection (Score:1)

What do you think about the effectivness of IPS? (Score:4, Insightful)

Impossible (Score:2)

Not so new... (Score:2)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot