IDS mailing list archives
Re: How to choose an IDS/FW MSS provider
From: "David W. Goodrum" <dgoodrum () nfr com>
Date: Tue, 22 Mar 2005 15:37:28 -0500
I was actually referring to signature exploits. I am aware that there were documented vulnerabilities in NFR's old R&D versions. Once NFR went to it's appliance version of the product and closed everything but the signatures (and this entire thread has been surrounding open vs closed signatures I believe) we have not had a vulnerability in our signature set. However, technically, you are 100% correct, so I apologize for what may have been a misleading statement.
sorry about the mis-statement... -dave Thomas H.Ptacek wrote:
It's not true that NFR has never had a remote exploit.I may be mis-reading the statement, but I discovered and published an advisory for a remote root vulnerability in NFR back when I worked at Network Associates.On Mar 17, 2005, at 5:24 PM, Martin Roesch wrote:I agree with your comments about writing good signatures. We released a whitepaper a couple of years back in an effort to teach people how to write good signatures using the NFR product, and even though we've had our signatures openly readable since day 1, we've never had a remote exploit. (well okay, we didn't actually have signatures on day 1, but you know what i mean. ;) )--- Thomas H. Ptacek -- (734) 604-0070 --- "If you're so special, why aren't you dead?"
-- David W. Goodrum Senior Systems Engineer NFR Security 703.731.3765 -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------
Current thread:
- Re: How to choose an IDS/FW MSS provider, (continued)
- Re: How to choose an IDS/FW MSS provider Ron Gula (Mar 24)
- RE: How to choose an IDS/FW MSS provider Chris Harrington (Mar 16)
- Has ISS a SOC in Europe? Stephane (Mar 11)
- RE: Has ISS a SOC in Europe? Gregory Bell (Mar 14)
- RE: How to choose an IDS/FW MSS provider Jeff Boggie (Mar 11)
- Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 14)
- Re: How to choose an IDS/FW MSS provider Martin Roesch (Mar 16)
- Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 19)
- Re: How to choose an IDS/FW MSS provider Martin Roesch (Mar 19)
- Re: How to choose an IDS/FW MSS provider Thomas H . Ptacek (Mar 23)
- Re: How to choose an IDS/FW MSS provider David W. Goodrum (Mar 23)
- Re: How to choose an IDS/FW MSS provider Dave Aitel (Mar 19)
- RE: How to choose an IDS/FW MSS provider Randy Golly (Mar 10)
- Re: How to choose an IDS/FW MSS provider Stephane (Mar 16)
- Re: How to choose an IDS/FW MSS provider Kevin (Mar 14)