IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IDS and Spywares

From: Eric Grejda <eric.grejda () sunrocket com>
Date: Mon, 10 Oct 2005 09:41:52 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andrew Plato wrote:
| A lot of the commercial ones do. TippingPoint has quite a few spyware
| signatures. ISS has some. Don't know about Symantec or Cisco.
|
| Some AV will detect spyware, but not all. And even then, AV tends not to
| be very good at blocking communication of already installed spyware.

The Bleeding Snort ruleset (http://www.bleedingsnort.com/) detects quite
a few spyware agents, in my experience.

Speaking for myself and not my employers, as always.

- --
Eric Grejda
System Administrator, Sunrocket - http://www.sunrocket.com/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFDSm+eHJJGEDZR+J8RAnKhAJ9elxllcXTX//bhnwg5Yk0iqvRaAwCfTPGM
uS82zf7pE5/UDJgDTUqbn/s=
=K/gh
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. 
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: