IDS mailing list archives

Re: Exploit-based signature is dead, or not?

From: "Sergio 'shadown' Alvarez" <shadown () gmail com>
Date: Mon, 16 Mar 2009 19:16:39 +0100

Hi tanyoo10,

(1) When a vulnerability is unknown, exploit-based might be a good

solution.

just in case you didn't realize...if you have the exploit to generate
the signature, you already know what the vulnerability is.

cheers,
  sergio

Current thread:

Re: Intrusion Detection Evaluation Datasets, (continued)
- - - Re: Intrusion Detection Evaluation Datasets Martin Roesch (Mar 19)
    - Re: Intrusion Detection Evaluation Datasets Ravi Chunduru (Mar 19)
    - Re: Intrusion Detection Evaluation Datasets Seth Hall (Mar 19)
    - Re: Intrusion Detection Evaluation Datasets Stefano Zanero (Mar 19)
    - Re: Intrusion Detection Evaluation Datasets Ravi Chunduru (Mar 20)
    - Re: Intrusion Detection Evaluation Datasets Damiano Bolzoni (Mar 18)
    - Re: Intrusion Detection Evaluation Datasets Seth Hall (Mar 16)
- Re: Intrusion Detection Evaluation Datasets Sam Gorton (Mar 13)
  - Re: Intrusion Detection Evaluation Datasets Raffael Marty (Mar 13)
  - Exploit-based signature is dead, or not? tanyoo10 (Mar 16)
    - Re: Exploit-based signature is dead, or not? Sergio 'shadown' Alvarez (Mar 16)
    - Re: Exploit-based signature is dead, or not? Jackie Lai (Mar 17)
    - Re: Re: Exploit-based signature is dead, or not? tanyoo10 (Mar 17)
    - RE: Exploit-based signature is dead, or not? Addepalli Srini-B22160 (Mar 17)
    - Re: Exploit-based signature is dead, or not? Joel Esler (Mar 30)
  - Re: Exploit-based signature is dead, or not? tanyoo10 (Mar 18)
- Re: Re: Intrusion Detection Evaluation Datasets zubair . shafiq (Mar 13)