funsec mailing list archives

Vulnerability-based IPS Patent


From: "Kyle Quest" <Kyle.Quest () networkengines com>
Date: Wed, 29 Mar 2006 12:33:04 -0500

Hello everybody :-)

This will be funny to anybody who worked on or 
dealt with intrusion prevention systems. It's
also a bit scary...

I came across an interesting patent application today.
It's called "Proactive containment of network security attacks",
publication # US 2006-0059558 A1 / filed September 15, 2004.
The groundbreaking invention described by this patent
is the work of John Selep and Mauricio Sanchez from
Hewlett Packard.

This patent application claims that Mr. Selep and Mr. Sanchez
invented a vulnerability-based system that's capable of stopping
attacks without relying on specific exploit signatures. In other 
words, they are trying to patent an IPS that uses vulnerability
signatures. If everything goes well, soon companies like NFR, ISS,
TippingPoint, SourceFire, TopLayer, etc. will be paying licensing
fees to HP.

I'm amazed how these two guys have the guts to patent something like
this. John Selep is a product marketing manager, so it's possible he
has no clue about security and the intrusion prevention industry, but
Mauricio Sanchez is a network security architect at HP... It's hard
to believe that he didn't know about a technology that's been out for
many years.

By the way, Mr. Sanchez has a number of other patent applications.
The most questionable of the other applications is called
"Virus/worm throttle threshold settings" (publication # US 2005/0265233 A1).
I bet most anomaly / behavior IPS vendors will have something to say
about this. Once again, get ready to pay up to HP soon...

There should be a wall of shame where we could put people and companies
along with their shameful acts related to security.

I wouldn't be surprised that once this patent is granted there might
be something similar to what happened with RIM and NTP patents.
If you are working for an IPS/firewall company, get ready to pay up to HP :-)

Kyle



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

