funsec mailing list archives
RE: Vulnerability-based IPS Patent
From: "Richard M. Smith" <rms () bsf-llc com>
Date: Wed, 29 Mar 2006 12:51:27 -0500
Here's a link to the HP IPS patent application: http://tinyurl.com/eo4oz When analyzing a patent, it is important to focus in on what is being said in the claims section. The rest of the material is mostly background. rICHARD -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Kyle Quest Sent: Wednesday, March 29, 2006 12:33 PM To: funsec () linuxbox org Subject: [funsec] Vulnerability-based IPS Patent Hello everybody :-) This will be funny to anybody who worked on or dealt with intrusion prevention systems. It's also a bit scary... I came across an interesting patent application today. It's called "Proactive containment of network security attacks", publication # US 2006-0059558 A1 / filed September 15 2004. The ground breaking invention described by this patent is the work of John Selep and Mauricio Sanchez from Hewlett Packard. This patent application claims that Mr. Selep and Mr. Sanchez invented a vulnerability-based system that's capable of stopping attacks without relying on specific exploit signatures. In other words, they are trying to patent an IPS that uses vulnerability signatures. If everything goes well soon companies like NFR, ISS, TippingPoint, SourceFire, TopLayer, etc will be paying licensing fees to HP. I'm amazed how these two guys have the guts to patent something like this. John Selep is a product marketing manager, so it's possible he has no clue about security and the intrusion prevention industry, but Mauricio Sanchez is a network security architect at HP... It's hard to believe that he didn't know about a technology that's been out for many years. By the way, Mr. Sanchez has a number of other patent applications. The most questionable of the other applications is called "Virus/worm throttle threshold settings" (publication # US 2005/0265233 A1). I bet most anomaly / behavior IPS vendors will have something to say about this. Once again, get ready to pay up to HP soon... There should be a wall of shame where we could put people and companies along with their shameful acts related to security. I wouldn't be surprised that once this patent is granted there might be something similar to what happened with RIM and NTP patents. If you are working for an IPS/firewall company get ready to pay up to HP :-) Kyle _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Vulnerability-based IPS Patent Kyle Quest (Mar 29)
- RE: Vulnerability-based IPS Patent Richard M. Smith (Mar 29)
- Re: Vulnerability-based IPS Patent Rob, grandpa of Ryan, Trevor, Devon & Hannah (Mar 29)
- Re: Vulnerability-based IPS Patent Drsolly (Mar 29)
- RE: Vulnerability-based IPS Patent Richard M. Smith (Mar 29)
- RE: Vulnerability-based IPS Patent Drsolly (Mar 29)
- RE: Vulnerability-based IPS Patent Richard M. Smith (Mar 29)
- RE: Vulnerability-based IPS Patent Roger Thompson (Mar 29)
- RE: Vulnerability-based IPS Patent Nick FitzGerald (Mar 29)
- RE: Vulnerability-based IPS Patent Richard M. Smith (Mar 29)
- RE: Vulnerability-based IPS Patent Nick FitzGerald (Mar 29)
- RE: Vulnerability-based IPS Patent Drsolly (Mar 30)
- Re: Vulnerability-based IPS Patent Drsolly (Mar 29)