IDS mailing list archives

Re: IPS Vendor Evasion

From: jeff.stebelton () bisys com
Date: Wed, 3 Jan 2007 13:37:20 -0500

Ed Skoudis and Mike Poor did something similar for Information Security
mag, but that was back in November of 2005.

http://informationsecurity.techtarget.com/magItem/1,,sid42_gci1137925,00.html




                                                                           
             trav_2 () hotmail co                                             
             m                                                             
             Sent by:                                                   To 
             listbounce@securi         focus-ids () securityfocus com         
             tyfocus.com                                                cc 
                                                                           
                                                                   Subject 
             01/02/2007 09:49          IPS Vendor Evasion                  
             PM                                                            
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           




At Blackhat HD Moore and Brian Caswell did a presentaion of bypassing IPS.
Maybe I dreamed this but wasn't there a list of vendors that were and were
not bypassed? Maybe it was not HD and Brian that did it. If there was such
a thing where can I find it?

Thanks,


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw

to learn more.
------------------------------------------------------------------------



============================================
STATEMENT OF CONFIDENTIALITY

The information contained in this electronic message and any attachments to
this message are intended for the exclusive use of the addressee(s) and may
contain confidential or privileged information. No representation is made
on its accuracy or completeness of the information contained in this
electronic message.  Certain assumptions may have been made in the
preparation of this material as of this date, and are subject to change
without notice.  If you are not the intended recipient, you are hereby
notified that any dissemination, distribution or copying of this e-mail and
any attachment(s) is strictly prohibited.

Please reply to the sender and destroy all copies of this message and any
attachments from your system.


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------

Current thread:

IPS Vendor Evasion trav_2 (Jan 03)
- RE: IPS Vendor Evasion Kohlenberg, Toby (Jan 03)
- Re: IPS Vendor Evasion H D Moore (Jan 03)
- Re: IPS Vendor Evasion Tim Holman (Jan 03)
  - Re: IPS Vendor Evasion Stefano Zanero (Jan 04)
- Re: IPS Vendor Evasion Stefano Zanero (Jan 03)
- Re: IPS Vendor Evasion jeff . stebelton (Jan 03)
- <Possible follow-ups>
- Re: IPS Vendor Evasion levinson_k (Jan 03)