IDS mailing list archives

Previous By Date Next
Previous By Thread Next

RE: IDS vs. IPS deployment feedback

From: "Andrew Plato" <andrew.plato () anitian com>
Date: Mon, 10 Apr 2006 12:54:33 -0700
Yes...SOURCEFIRE customers get those signatures early. They get handed
out to the Snort world well after the fact. SourceFire is a commercial
company and you must PAY to get their product. 

In other words - Sourcefire is no different than TP, ISS or any other
commercial vendor in this regard. As such, we're all just selling what
we know. 

___________________________________
Andrew Plato, CISSP
President/Principal Consultant
Anitian Enterprise Security



-----Original Message-----
From: Richard Bejtlich [mailto:taosecurity () gmail com] 
Sent: Monday, April 10, 2006 10:36 AM
To: Andrew Plato
Cc: Basgen, Brian; focus-ids () securityfocus com
Subject: Re: IDS vs. IPS deployment feedback

You are not familiar with modern Snort signature development by the
Sourcefire Vulnerability Research Team. See:

http://www.sourcefire.com/services/sf_vrt.html

For one example:

http://www.sourcefire.com/news/press_releases/pr121504.html
_________________________________________________
NOTICE:
This email may contain confidential information, 
and is for the sole use of the intended recipient.  
If you are not the intended recipient, please reply 
to the message and inform the sender of the error 
and delete the email and any attachments from 
your computer. 
_________________________________________________


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: