RE: For those of you that don't know....

["Clemens, Dan" <Dan.Clemens () healthsouth com>]

        David,

        >You should preface your last statement with "I write exploits for a 
        >living so I don't want people to buy a solution that actually stops 
        >them."
        
        Please judge the log in your own eye before pointing a sharp stick in someone else's eye!
        Not to flame here, but ISS's Xforce is definately in the business of writing exploits to validate IDS sigs you 
create and to place in your wonderful ISS Scanner.
        
        I think its great that products like Canvas can call b.s. on your signatures without hiding behind the 'oh our 
sploits are so secret  and proprietary . 

        >You can't say with a straight face they were doing better than everybody 
        >else in the market, they are evaded by simple RPC fragmentation, even 
        >SNORT catches that. ImmunitySec's own Canvas CRI turns it into swiss 
        >cheese, from what I hear. 

        He can say that he has an experience and an opinion. Please treat members of this list with some dignity and 
respect because I am sure they have (especially Sinan) has earned it, but please don't place your flame from something 
that is hearsay.
        
        >What other NIPS/HIPS vendors are you speaking of? As far as I know Willy 
        >Wonka got his Ompalompa's on spyware research now so the list of NIPS 
        >that tippingpoint is better than has dropped a bit. 

        Translation:

        Shampoo is better than conditioner!

        What other NIPS/HIPS are you talking about other than ISS? Please throw us a few bones than simply saying 'nuh 
uh'. Try to give some educated responses on why the vendors (especially HIPS department) may or may not be better.

        -Daniel Clemens

         

        -----Original Message----- 
        From: Sinan Eren [mailto:sinan.eren () immunitysec com] 
        Sent: Monday, December 13, 2004 2:39 PM 
        To: Maynor, David (ISS Atlanta) 
        Cc: dailydave 
        Subject: Re: [Dailydave] For those of you that don't know.... 

        > Who knew PCRE was worth that much? 

        Compared to other marketed NIDS/NIPS tippingpoint was doing a much 
        better 
        job. So it did not suprise me much. 

        Same could be said for Determina being so much better than all the other 

        marketted HIPS out there. So i expect to see some big acquisition in 
        that 
        too. 

        I would personally pick tippingpoint and determina if i was in a CSO 
        or similar position. So standing from a technical point of view I would 
        endorse both of these products. 

        cheers, 
        Sinan 



        _______________________________________________ 
        Dailydave mailing list 
        Dailydave () lists immunitysec com 
        https://lists.immunitysec.com/mailman/listinfo/dailydave 


Confidentiality Notice: This e-mail communication and any attachments may contain 
confidential and privileged information for the use of the designated recipients named above. If 
you are not the intended recipient, you are hereby notified that you have received this 
communication in error and that any review, disclosure, dissemination, distribution or 
copying of it or its contents is prohibited. If you have received this communication in 
error, please notify me immediately by replying to this message and deleting it from your 
computer. Thank you.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave