Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IDS (ISS) and reverse engineering

From: "Lan Guy" <rlanguy () hotmail com>
Date: Wed, 26 Nov 2003 13:58:13 +0200
1) you too can get some exclusive stuff
http://members.microsoft.com/consent/Info/Default.aspx
But you have to pay.

2) ISS have also written some of the Technical Reference - Security for MS
Windows 2000.



----- Original Message ----- 
From: "V.O." <vosipov () tpg com au>
To: <full-disclosure () lists netsys com>
Cc: <focus-ids () securityfocus com>
Sent: Wednesday, November 26, 2003 11:15 AM
Subject: [Full-disclosure] IDS (ISS) and reverse engineering



Recently I've got to listen to a marketing pitch by an ISS guy. He was

going

along the lines of "our X-force reverse-engineered Microsoft RPC libraries
and created signatures..." and "we use protocol decoding, so we
reverse-engineered various closed-source protocols in order to create out
decoders".

What struck me - isn't this kind of activity actually illegal in the US?

To

which extent it is possible to disassemble Windows code? And if it is
illegal, then aren't their customers (plus many other IDSes, with the
exclusion of Snort, probably) in danger - what if Microsoft or whoever

else

sues ISS for doing this? :)

I'm puzzled.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: