[Full-Disclosure] Re: signatures for Oracle Alert 68

From: Antonio Javier G. M. (legion_at_tierramedia.org)
Date: 11/24/04

  • Next message: nirvana: "Re: [Full-Disclosure] Re: signatures for Oracle Alert 68" 
    To: Valdis.Kletnieks@vt.edu
Date: Wed, 24 Nov 2004 12:54:31 +0100

     

    Valdis.Kletnieks@vt.edu writes:

    > On Tue, 23 Nov 2004 18:43:22 +0100, "Antonio Javier G. M." said:
    >> We need signatures for IDS/IDP for Oracle's alert 68.
                             ^^^^^^^^
    Just a reminder for everybody an the archives - In fact the question was
    very clear (see IDS/IDP --> Intrusion detection and prevention) and IDPs/IPS
    are condoms, not doctors, for example netscreen IDP and Nai IPS, an the last
    version of snort (based on snort inline).

     

    >> How can we protect against these attacks if we can not apply patches in some
    >> platforms?
    >
    > Just a reminder for everybody and the archives - unless you're using some sort
    > of firewall appliance that doesn't pass a packet that triggers a signature,
    > having a signature doesn't actually protect you.
    >
    > If you're just using Snort, and it coughs up a "Signature for Oracle 68"
    > message, it's *too late*. That's not a condom, that's the doctor telling you
    > the test came back positive.
    >
    > (An amazing number of people manage to get confused on this point, and probably
    > get hacked as a result....)
    >

    We really know what are we talking about. Please, use google to search for
    IDP or IPS technologies and snortinline.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: nirvana: "Re: [Full-Disclosure] Re: signatures for Oracle Alert 68"

    Relevant Pages

    • Re: [SLE] Anyone using nut with Mustek or Online UPS?
      ... comments on my signature or nuances to it's contents. ... Check the headers for your unsubscription address ... Also check the archives at http://lists.suse.com ...
      (SuSE)
    • Re: T3 turns on by itself... and the solution
      ... Looking in the archives, it turns out this happens if you have ... > a birthday reminder, and the reminder goes into the previous year. ... newsgroups archives. ... Roy S. Schestowitz | Useless fact: ...
      (comp.sys.palmtops.pilot)
    • Re: For Olly and for Dave
      ... If I bothered to use a signature line, it would read "The Bush ... George Z. ... It ought to be a good reminder for everyone.....it's hard to criticize ...
      (soc.retirement)
    • Re: [kde-linux] Am I Alone?
      ... Your signature is not however. ... Archives: http://lists.kde.org/. ... If we are talking about the same thing, it is the mailing list software ... help if we could get a few replies on this, ...
      (KDE)
    • Re: Add mailing list search link to signature for this list
      ... On 6/7/07, stan wrote: ... archives be added to the signature for this list. ... recall the search function is really poor. ...
      (Fedora)