Re: File-format based vulns - How do IDS/IPS vendors detect them?

[<sgc () hushmail com>]

On Wed, 09 Nov 2005 Joshua Russel <joshua.russel () gmail com> wrote:

> After the recent announcement of file-format based vulnerabilities 

> in MS Patch Tuesday, I was wondering how do IPS/IDS vendors claim 
to
> protect against them (most of them like TippingPoint claim to do 
> so).

IDS is so gosh darn freakin speedy and efficient as it is, my 
salesman said they also  decompress archives that may contain these 
malicious files and even brute force password protected archives, 
all inline. Did you read Marcus' essay that caused the minor stir a 
few weeks ago? 



Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485