Dailydave mailing list archives
RE: For those of you that don't know....
From: Rodney Thayer <rodney () canola-jones com>
Date: Mon, 13 Dec 2004 13:26:13 -0800
<press> Disclaimmer: I worked on the last IPS review for Network World. I still do product reviews in this technology area. </press> <security analyst> Given the scruffy reputation of ISS folks for lying and insulting folks in public, I would strongly suggest one validate these statements before using them. Also, I don't know about what other folks saw, but the last ISS IPS I had my hands on had it's own share of faults. So you too have "shit on your skirt", dude. "Show me an IPS implementation and the probability is 1.0 that I can find a geek at a competitor who will proudly tell you about all the attacks that can sneak past it." </security analys> At 03:24 PM 12/13/2004 -0500, Maynor, David (ISS Atlanta) wrote:
You should preface your last statement with "I write exploits for a living so I don't want people to buy a solution that actually stops them." You can't say with a straight face they were doing better than everybody else in the market, they are evaded by simple RPC fragmentation, even SNORT catches that. ImmunitySec's own Canvas CRI turns it into swiss cheese, from what I hear. What other NIPS/HIPS vendors are you speaking of? As far as I know Willy Wonka got his Ompalompa's on spyware research now so the list of NIPS that tippingpoint is better than has dropped a bit. -----Original Message----- From: Sinan Eren [mailto:sinan.eren () immunitysec com] Sent: Monday, December 13, 2004 2:39 PM To: Maynor, David (ISS Atlanta) Cc: dailydave Subject: Re: [Dailydave] For those of you that don't know....Who knew PCRE was worth that much?Compared to other marketed NIDS/NIPS tippingpoint was doing a much better job. So it did not suprise me much. Same could be said for Determina being so much better than all the other marketted HIPS out there. So i expect to see some big acquisition in that too. I would personally pick tippingpoint and determina if i was in a CSO or similar position. So standing from a technical point of view I would endorse both of these products. cheers, Sinan _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- RE: For those of you that don't know...., (continued)
- RE: For those of you that don't know.... Maynor, David (ISS Atlanta) (Dec 13)
- RE: For those of you that don't know.... Sinan Eren (Dec 13)
- Re: For those of you that don't know.... ric k (Dec 13)
- RE: For those of you that don't know.... kquest (Dec 13)
- RE: For those of you that don't know.... Clemens, Dan (Dec 13)
- RE: For those of you that don't know.... Maynor, David (ISS Atlanta) (Dec 13)
- RE: For those of you that don't know.... pageexec (Dec 13)
- RE: For those of you that don't know.... Maynor, David (ISS Atlanta) (Dec 13)
- RE: For those of you that don't know.... Maynor, David (ISS Atlanta) (Dec 13)
- RE: For those of you that don't know.... Sinan Eren (Dec 13)
- RE: For those of you that don't know.... Rodney Thayer (Dec 13)
- RE: For those of you that don't know.... Ron Gula (Dec 13)
- RE: For those of you that don't know.... Maynor, David (ISS Atlanta) (Dec 13)
- RE: For those of you that don't know.... Maynor, David (ISS Atlanta) (Dec 13)
- Re: For those of you that don't know.... Dave Aitel (Dec 13)
- RE: For those of you that don't know.... Rodney Thayer (Dec 13)
- RE: For those of you that don't know.... Maynor, David (ISS Atlanta) (Dec 13)
- Re: For those of you that don't know.... peyote (Dec 13)
- For those of you that don't know.... dunz krispy (Dec 13)
- RE: For those of you that don't know.... Maynor, David (ISS Atlanta) (Dec 13)
- RE: For those of you that don't know.... Maynor, David (ISS Atlanta) (Dec 13)