IDS mailing list archives
RE: Network hardware IPS
From: Frank Knobbe <frank () knobbe us>
Date: Thu, 09 Oct 2003 19:53:43 -0500
On Tue, 2003-10-07 at 13:21, Dave Killion wrote:
Anyway, anyone who's crazy enough to put "cmd.exe" in his path deserves all the False Positives he can stomach. And quoting a 5-year old paper on IDS evasion doesn't convince me.
Whoa... I didn't want to get involved in this discussion, but you leave me no other choice with that statement. Why would you want to punish an innocent web surfer for a stupid mistake or oversight of a web developer? http://www.medstuff.com/showme.php?AWeird+BDoctor+CDDS+CMD.EXECUTION-STYLE_DENTISTRY_ERRORS.html or http://newz.com/query.asp?HReport.LBaltimore.CMD.EXECUTIVE-SUMMARY or (well, you get the point I hope) I don't know if Netscreen really wants to take the position that people "get what they deserve"... Regards, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Re: Network hardware IPS, (continued)
- Re: Network hardware IPS Gary Flynn (Oct 06)
- Re: Network hardware IPS david maynor (Oct 07)
- Re: Network hardware IPS Gary Flynn (Oct 08)
- Re: Network hardware IPS Gary Flynn (Oct 06)
- RE: Network hardware IPS Dave Killion (Oct 07)
- Re: Network hardware IPS Stefano Zanero (Oct 07)
- RE: Network hardware IPS david maynor (Oct 08)
- RE: Network hardware IPS Dave Killion (Oct 07)
- Re: Network hardware IPS Stefano Zanero (Oct 07)
- Re: Network hardware IPS George W. Capehart (Oct 08)
- RE: Network hardware IPS Dave Killion (Oct 08)
- RE: Network hardware IPS Frank Knobbe (Oct 09)
- RE: Network hardware IPS Kohlenberg, Toby (Oct 09)
- RE: Network hardware IPS Dave Killion (Oct 09)
- Re: Network hardware IPS Stefano Zanero (Oct 14)
- RE: Network hardware IPS Augusto Quadros Paes de Barros (Oct 14)
- RE: Network hardware IPS Dave Killion (Oct 14)
- RE: Network hardware IPS Frank Knobbe (Oct 14)