Dailydave mailing list archives
Re: File-format based vulns - How do IDS/IPS vendors detect them?
From: <sgc () hushmail com>
Date: Wed, 9 Nov 2005 13:03:34 -0800
On Wed, 09 Nov 2005 Joshua Russel <joshua.russel () gmail com> wrote:
After the recent announcement of file-format based vulnerabilities
in MS Patch Tuesday, I was wondering how do IPS/IDS vendors claim
to
protect against them (most of them like TippingPoint claim to do so).
IDS is so gosh darn freakin speedy and efficient as it is, my salesman said they also decompress archives that may contain these malicious files and even brute force password protected archives, all inline. Did you read Marcus' essay that caused the minor stir a few weeks ago? Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485
Current thread:
- Re: File-format based vulns - How do IDS/IPS vendors detect them? sgc (Nov 09)