IDS mailing list archives
Re: ISS - virtual patching
From: Stefano Zanero <zanero () elet polimi it>
Date: Wed, 26 Jul 2006 14:44:57 +0200
David Maynor wrote:
1. You find out about the vuln the same time ISS does. Due to excellent threat intelligent and a top notch Research and Development team they are likely to know about the threat long before you do.
So you are either implying that ISS does not practice full or responsible disclosure, or stating something strange. Could you elaborate - and maybe provide examples of this actually having happened ?
Protocols are updated all the time, traffic changes constantly
So I read this as a "protocol anomaly detection doesn't work" declaration, right ? Stefano ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- ISS - virtual patching phb (Jul 12)
- Re: ISS - virtual patching David Maynor (Jul 24)
- Re: ISS - virtual patching Stefano Zanero (Jul 27)
- <Possible follow-ups>
- Re: ISS - virtual patching john (Jul 21)
- Re: Re: ISS - virtual patching David Maynor (Jul 24)
- Re: ISS - virtual patching thunking (Jul 21)
- RE: ISS - virtual patching Palmer, Paul (ISSAtlanta) (Jul 24)
- RE: ISS - virtual patching Palmer, Paul (ISSAtlanta) (Jul 24)
- RE: ISS - virtual patching Palmer, Paul (ISSAtlanta) (Jul 25)
- Re: ISS - virtual patching David Maynor (Jul 24)