funsec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Vulnerability-based IPS Patent

From: "Richard M. Smith" <rms () bsf-llc com>
Date: Wed, 29 Mar 2006 12:51:27 -0500
Here's a link to the HP IPS patent application:

   http://tinyurl.com/eo4oz

When analyzing a patent, it is important to focus in on what is being said
in the claims section.  The rest of the material is mostly background.

rICHARD 

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On
Behalf Of Kyle Quest
Sent: Wednesday, March 29, 2006 12:33 PM
To: funsec () linuxbox org
Subject: [funsec] Vulnerability-based IPS Patent

Hello everybody :-)

This will be funny to anybody who worked on or dealt with intrusion
prevention systems. It's also a bit scary...

I came across an interesting patent application today.
It's called "Proactive containment of network security attacks", publication
# US 2006-0059558 A1 / filed September 15 2004.
The ground breaking invention described by this patent is the work of John
Selep and Mauricio Sanchez from Hewlett Packard.

This patent application claims that Mr. Selep and Mr. Sanchez invented a
vulnerability-based system that's capable of stopping attacks without
relying on specific exploit signatures. In other words, they are trying to
patent an IPS that uses vulnerability signatures. If everything goes well
soon companies like NFR, ISS, TippingPoint, SourceFire, TopLayer, etc will
be paying licensing fees to HP. 

I'm amazed how these two guys have the guts to patent something like this.
John Selep is a product marketing manager, so it's possible he has no clue
about security and the intrusion prevention industry, but Mauricio Sanchez
is a network security architect at HP... It's hard to believe that he didn't
know about a technology that's been out for many years.

By the way, Mr. Sanchez has a number of other patent applications.
The most questionable of the other applications is called "Virus/worm
throttle threshold settings" (publication # US 2005/0265233 A1).
I bet most anomaly / behavior IPS vendors will have something to say about
this. Once again, get ready to pay up to HP soon...

There should be a wall of shame where we could put people and companies
along with their shameful acts related to security.

I wouldn't be surprised that once this patent is granted there might be
something similar to what happened with RIM and NTP patents.
If you are working for an IPS/firewall company get ready to pay up to HP :-)

Kyle



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: