IDS mailing list archives

RE: How to choose an IDS/FW MSS provider

From: "Stuart Staniford" <stuart () nevisnetworks com>
Date: Mon, 14 Mar 2005 20:46:51 -0800

David Goodrum wrote:

And yes, 
it's possible 
to compromise systems that are simply sniffing... but it's 
much harder.  
I know of only one product that's been successfully remotely 
exploited 
in this manner, and the only reason that happened was because 
it was an 
opensource product that allows hackers to read the source 
code and look 
for ways to compromise it.


Mmmm.  The Witty worm last year compromised ISS deployments in this manner.

Stuart.

Stuart Staniford, Principal Scientist
Nevis Networks
stuart () nevisnetworks com
408-327-4652


--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------

Current thread:

Re: How to choose an IDS/FW MSS provider, (continued)
- - Re: How to choose an IDS/FW MSS provider Stephane (Mar 10)
    - Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 11)
    - Re: How to choose an IDS/FW MSS provider Richard Bejtlich (Mar 14)
    - Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 14)
    - Re: How to choose an IDS/FW MSS provider Richard Bejtlich (Mar 14)
    - Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 14)
    - Re: How to choose an IDS/FW MSS provider Richard Bejtlich (Mar 14)
    - RE: How to choose an IDS/FW MSS provider Stuart Staniford (Mar 16)
    - Re: How to choose an IDS/FW MSS provider Adam Powers (Mar 14)
    - Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 14)
    - RE: How to choose an IDS/FW MSS provider Stuart Staniford (Mar 16)
    - Re: How to choose an IDS/FW MSS provider Jason (Mar 19)
    - Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 19)
    - Re: How to choose an IDS/FW MSS provider Richard Bejtlich (Mar 23)
    - Re: How to choose an IDS/FW MSS provider Ron Gula (Mar 24)
    - RE: How to choose an IDS/FW MSS provider Chris Harrington (Mar 16)
  - Has ISS a SOC in Europe? Stephane (Mar 11)
    - RE: Has ISS a SOC in Europe? Gregory Bell (Mar 14)
  - RE: How to choose an IDS/FW MSS provider Jeff Boggie (Mar 11)
    - Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 14)
    - Re: How to choose an IDS/FW MSS provider Martin Roesch (Mar 16)

(Thread continues...)