Hi my friends. i am really confusing . i can't find out when we use firewall why we use IDS too? i think firewall is enough . for example i think when we use iptables we don't need to use snort for protect against dos . is it true?
and the other thing that confused me is that in the latest version of snort they say that it can mitigate application layer threats so if it is so why we use WAF like modsecurity ? is there any dos attack that modsecurity can detect but snort can't?
please help . i am really confusing . thanks a lot
and the other thing that confused me is that in the latest version of snort they say that it can mitigate application layer threats so if it is so why we use WAF like modsecurity ? is there any dos attack that modsecurity can detect but snort can't?
please help . i am really confusing . thanks a lot