[Full-Disclosure] IDS (ISS) and reverse engineering

From: V.O. (vosipov_at_tpg.com.au)
Date: 11/26/03

  • Next message: Frederic Charpentier: "[Full-Disclosure] Nokia IPSO" 
    To: <full-disclosure@lists.netsys.com>
Date: Wed, 26 Nov 2003 20:15:42 +1100

    Recently I've got to listen to a marketing pitch by an ISS guy. He was going
    along the lines of "our X-force reverse-engineered Microsoft RPC libraries
    and created signatures..." and "we use protocol decoding, so we
    reverse-engineered various closed-source protocols in order to create out
    decoders".

    What struck me - isn't this kind of activity actually illegal in the US? To
    which extent it is possible to disassemble Windows code? And if it is
    illegal, then aren't their customers (plus many other IDSes, with the
    exclusion of Snort, probably) in danger - what if Microsoft or whoever else
    sues ISS for doing this? :)

    I'm puzzled.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Frederic Charpentier: "[Full-Disclosure] Nokia IPSO"

    Relevant Pages

    • Fw: IDS (ISS) and reverse engineering
      ... Recently I've got to listen to a marketing pitch by an ISS guy. ... along the lines of "our X-force reverse-engineered Microsoft RPC libraries ... and "we use protocol decoding, ...
      (Focus-IDS)
    • Re: Fw: IDS (ISS) and reverse engineering
      ... The DMCA makes an exxception for reverse engineering while doing security ... Recently I've got to listen to a marketing pitch by an ISS guy. ... along the lines of "our X-force reverse-engineered Microsoft RPC libraries ... and "we use protocol decoding, ...
      (Focus-IDS)
    • Quantcast