IDS mailing list archives
Re: Cisco IOS Shellcode - McAfee IPS Protection
From: Joel Esler <eslerj () gmail com>
Date: Thu, 4 Aug 2005 18:25:21 -0400
How can they have "0-day" if ISS (makers of RealSecure and proventia IDS) announced the vuln? Wouldn't that lead us to believe that ISS had it first?
Beyond that, it's been a week, I am sure that all the major IDS venders have it.
Joel (Yes, I work for an IDS company, and yes, we have a way to detect it) On Aug 4, 2005, at 3:53 AM, planz 235 wrote:
Hi, McAfee claims to have "Zero-day" protection against the recent vulnerability disclosed against Cisco particularly on Shellcodes. Their press release says, McAfee IntruShield's existing infrastructure protection proactively covers new exploit techniques against Cisco IOS, such as those demonstrated at last week's Black Hat conference.[http://www.mcafeesecurity.com/us/about/press/corporate/ 2005/20050803_181545.htm] Someone using Intrushield can validate this statement..? Regards, Planz
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------
Current thread:
- Re: Cisco IOS Shellcode - McAfee IPS Protection Joel Esler (Aug 08)
- Re: Cisco IOS Shellcode - McAfee IPS Protection Ed Gibbs (Aug 08)
- Re: Cisco IOS Shellcode - McAfee IPS Protection Ron Gula (Aug 09)
- Re: Cisco IOS Shellcode - McAfee IPS Protection Ron Gula (Aug 08)
- Re: Cisco IOS Shellcode - McAfee IPS Protection Martin Roesch (Aug 09)
- Re: Cisco IOS Shellcode - McAfee IPS Protection Ed Gibbs (Aug 08)