Bugtraq mailing list archives
Re: ISS vs. Cisco: Chapter 2
From: Florian Weimer <fw () deneb enyo de>
Date: Thu, 11 Aug 2005 17:51:09 +0200
FX wrote:
I leave the ethical aspects of this request by ISS for the consideration of the inclined reader.
They have to collect exploits to write shell code for their IDS products, otherwise they can't create signatures. I recall a similar request and it included this piece of information. Of course, this doesn't make this activity less questionable. You normally don't see it because usually, ISS and others can obtain exploits quietly through "responsible disclosure", especially if ISS serves as a coordinator or is somehow involved (via IT-ISAC, for example).
Current thread:
- ISS vs. Cisco: Chapter 2 FX (Aug 11)
- Re: ISS vs. Cisco: Chapter 2 Florian Weimer (Aug 11)