IDS mailing list archives
RE: Tuning false positives - SIM is not the answer
From: Mike Owen <kyphros () gmail com>
Date: Fri, 13 Jan 2006 14:37:20 -0800
On 1/13/06, Matthew Caldwell <mcaldwel () micromuse com> wrote:
You could always solicit to have the source for the Linux/GNU/GPL'ed apps to be published from Cisco. Linksys had the same problem because they could have modified the code. The same thing could be applied from another perspective for other products out on the market. Matt
That wouldn't work. The only GPL code on there is RedHat 7.2, the source of which is available. Everything else is Cisco/Protego IP, which they are under no obligation to release. Mike ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- Re: RE: RE: Tuning false positives - SIM is not the answer, (continued)
- Re: RE: RE: Tuning false positives - SIM is not the answer brent (Jan 05)
- Re: Tuning false positives - SIM is not the answer Jason (Jan 11)
- Re: Tuning false positives - SIM is not the answer Brent Stackhouse (Jan 12)
- Re: Tuning false positives - SIM is not the answer Jason (Jan 11)
- Re: Tuning false positives - SIM is not the answer Brent Stackhouse (Jan 10)
- Re: Tuning false positives - SIM is not the answer Jason (Jan 11)
- Re: RE: RE: Tuning false positives - SIM is not the answer brent (Jan 05)
- Re: Tuning false positives - SIM is not the answer Brent Stackhouse (Jan 11)
- RE: Tuning false positives - SIM is not the answer Bruce Young (Jan 15)
- Message not available
- RE: Tuning false positives - SIM is not the answer Ron Gula (Jan 16)