IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IDS vs. IPS deployment feedback

From: "Randal T. Rioux" <randy () procyonlabs com>
Date: Sat, 15 Apr 2006 02:37:17 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Gary Halleen (ghalleen) wrote:

With the exception of a select few, all Cisco IPS signatures are open,
and can be cloned, edited, added-to, or edited.  Signatures are stored
in an xml format inside the .pkg file which is applied to a Cisco IPS
sensor.  

Gary



I couldn't find the 'open' Cisco IPS signatures anywhere on the site.
Does the Cisco definition of the word 'open' mean the same as HP's (ie
OpenVMS... not really open)?

I'd like to download and take a peek at them.

Thanks,

Randal T. Rioux | Procyon Labs
IT Security R&D and Consulting
Virtual: www.procyonlabs.com
Physical: DC / Baltimore
PGP: gpg --keyserver pgp.mit.edu --recv-keys 0xD08D1941


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFEQJSdRrGMQdCNGUERA+m8AKCmH6X+0ufmaZ5zetybgYJIQ+AffwCdEMsu
YdKozXHP+GsUDLoz3OGzBPg=
=lZAC
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: