IDS mailing list archives

RE: Tuning false positives - SIM is not the answer


From: Ron Gula <rgula () tenablesecurity com>
Date: Fri, 13 Jan 2006 18:58:31 -0500

At 05:37 PM 1/13/2006, Mike Owen wrote:
On 1/13/06, Matthew Caldwell <mcaldwel () micromuse com> wrote:
> You could always solicit to have the source for the Linux/GNU/GPL'ed
> apps to be published from Cisco. Linksys had the same problem because
> they could have modified the code. The same thing could be applied from
> another perspective for other products out on the market.
>
> Matt

That wouldn't work. The only GPL code on there is RedHat 7.2, the
source of which is available. Everything else is Cisco/Protego IP,
which they are under no obligation to release.

There is always the Nessus 2 code as well.

Ron
