Re: time for my lil opinion poll

I think this is one of those technical 'solutions' for a people
problem (Pre-screen your personnel, make them sign NDAs, use security
awareness training to remind them of sensitive information protection
and consequences of violation, etc etc). you can also prevent the
wider problem by not allowing business computers to connect to the
Internet (gasp!)

I think there is some value for these in organizations that actually
some sort of intelligent data priority and tagging scheme, but the
horse must come before the cart. I think if a company considering an
extrusion prevention system first took stock of how it's currently
protecting their sensitive data, they could probably find ways to
spend the money more effectively.

So in short: yes they probably work, as well as IDS works (that is:
not very well, requiring tons of care and feeding and understanding of
the organization to be effective and needing help with encrypted
traffic)

On 4/25/07, Arun Koshy <arunkoshy@xxxxxxxxx> wrote:
> A friend from the vuln research arena ( sorry .. no names etc ) told
> me in a convo a few hours ago  that this does not work :
>
> http://en.wikipedia.org/wiki/Information_Leak_Prevention
>
> Would like to know the community's opinion about the whole arena ..
> both public and private responses ( if you can't be public ) are
> welcome.
> _______________________________________________
> Dailydave mailing list
> Dailydave@xxxxxxxxxxxxxxxxxxxxx
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>


-- 
-Karl