IDS mailing list archives
Re: interesting paper on testing sig-based IDS
From: Richard Bejtlich <taosecurity () gmail com>
Date: Mon, 28 Feb 2005 21:32:16 -0500
On Fri, 25 Feb 2005 21:01:22 -0800, Kohlenberg, Toby <toby.kohlenberg () intel com> wrote:
http://www.cs.ucsb.edu/~vigna/pub/2004_vigna_robertson_balzarotti_CCS04. pdf It seems very similar (at least at first glance) what what's been implemented by RFP in Whisker (the anti-IDS techniques) or in Metasploit (IDS confusion techniques). Have any/many of you seen this before?
Toby, Thanks for bringing this to my attention. There is a lot of really good work being done by researchers that hardly sees the light of day outside academic circles. Vendors are quick to claim that they've invented some new technology, but some basic investigation can usually find the same idea implemented by a researcher years earlier! Sincerely, Richard http://www.taosecurity.com -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- interesting paper on testing sig-based IDS Kohlenberg, Toby (Feb 28)
- Re: interesting paper on testing sig-based IDS Jonathon Giffin (Mar 01)
- Re: interesting paper on testing sig-based IDS buineach (Mar 02)
- Re: interesting paper on testing sig-based IDS Shai Rubin (Mar 02)
- Re: interesting paper on testing sig-based IDS buineach (Mar 02)
- Re: interesting paper on testing sig-based IDS Giovanni Vigna (Mar 02)
- Re: interesting paper on testing sig-based IDS Stefano Zanero (Mar 04)
- Re: interesting paper on testing sig-based IDS Richard Bejtlich (Mar 02)
- <Possible follow-ups>
- RE: interesting paper on testing sig-based IDS Kyle Quest (Mar 04)
- RE: interesting paper on testing sig-based IDS Jose Maria Lopez Hernandez (Mar 06)
- RE: interesting paper on testing sig-based IDS Kyle Quest (Mar 06)
- RE: interesting paper on testing sig-based IDS Brian Smith (Mar 06)
- RE: interesting paper on testing sig-based IDS Micheal Reynolds (Mar 06)
- Re: interesting paper on testing sig-based IDS Jonathon Giffin (Mar 01)