Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody?

From: "evilghost () packetmail net" <evilghost () packetmail net>
Date: Sat, 19 Mar 2011 18:27:32 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/19/11 11:44, Jason Brvenik wrote:

If you really want to start to solve that problem have a look at our
latest acquisition, Immunet (It is free BTW) -
http://www.immunet.com/main/index.html


I'm always weary when a security vendor offers panacea, especially when said
panacea depends on the number of participants in the solution.  This model
doesn't work quite so well in the spam arena and I doubt malware to be much
different.  A hostile endpoint serving up multi-packed goodness, generated on a
per host basis, seems like one very easy way to defeat this system (if I
understand it correctly)

In practice, how well does this work when you're the first guy to get nailed
with fun?

Curious...  I like using the best tool for the job and defense and depth and to
assign all malware to a HIDS is presumptuous and perhaps misplaced faith.

- -- 
It has been said that "hate" is a powerful emotion, perhaps that's why I'm so
strong.

- -evilghost
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBAgAGBQJNhTvkAAoJENgimYXu6xOH7VEP/1IX2LsPl7vdEqUptsXroyyc
ogcHnA27CEF+6UTs8Hb7tQWqjjm256SAsYuZyzDD+Cn2XpQFQurOTouxSUMtgL9O
s+rpVFj/mtYkSpBBOaiARqk/fO5Lbr0qUEVPFM5nSjnXZK6J/unfwFVA6X/Z5BJT
BsWAKakMRg8v21DCX7fmyiE6g/qKhqEs1ce4VAgKs6mdlUUMOono9bHQNISux9pn
1adwB2vCQZVA94GA1PO4WNP8ETQ7Hk6L/siMyFanGE5UMyPfYJzdk3xeTTWxeOa4
Tf776I7BE9mTTgXhjjFyPle13hoGpmH08JrNG61Q72XxNm3Erf3ff5F+wp7ZAkeF
0Q3gbZE2pa7tasO4Sl1Z/+kCQgKMZgaOzp6wPjVWXS7Yxg6eDeA/M55Sin3rb5Jq
+aE0pzZrnFxlyKHHbEFKnI7xWBglJVbDashiPH+VUGP4xEubs6aEGexNoFbKjwl7
ED0q5bV/u4/5gpejTbiqJtOPPCxlpNWz5zgc8K7BamfVirGKPRtKHN6vjrnfgYyq
5XJUmqTXL3Q0Jd8OeWOL8qkVUyiHOsENfO5PWrXeZyhW5thUf60COurldFX9MYOE
VxmQwuDnlfrMiMeAYTzpy/3fzHTDX3G7MqCeRnMIzSkmLtC5q5pVGuRXVN3VPGkM
KJUOElt7/cw41p8eeuoh
=fFXh
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: