Re: NIPS Vendors explicit answer

From: Vikram Phatak (vphatak_at_lucidsecurity.com)
Date: 04/27/04

  • Next message: Drexx Laggui: "Re: IDSes and known attacks (was: NIPS Vendors explicit answer)"
    Date: Tue, 27 Apr 2004 13:11:49 -0400
    To: "Teicher, Mark (Mark)" <teicher@avaya.com>
    
    

    Hi Mark,

    Here are a couple of links to whitepapers we put out on the topic. The
    first (Vulnerability Protection: A Buffer for Patching) was written by
    myself and the second (The Emergence of the Vulnerability Shield) was
    written by Pete Lindstrom. If you are looking for additional
    information beyond that contained in the whitepapers and posting, please
    let me know. (I am probably opening up Pandora's Box, but what the heck)

    Vulnerability Protection: A Buffer for Patching
    http://www.lucidsecurity.com/pdf/Vulnerability-Protection.pdf

    The Emergence of the Vulnerability Shield
    http://www.lucidsecurity.com/pdf/Spire-LucidWP.pdf

    In addition, I posted to this newsgroup last week regarding the issue.
    http://www.securityfocus.com/archive/96/361458/2004-04-17/2004-04-23/0

    Best Regards,

        -Vik

    -- 
    Vikram Phatak
    CTO, Lucid Security
    http://www.lucidsecurity.com
    Teicher, Mark (Mark) wrote:
    >I chuckle everytime I hear the word "IPS Shielding" since this was the
    >marketing term previously used by Entercept.
    >Would a NIPS vendor would like to explain their theory on IPS shielding
    >of vulnerabilities, inquiring minds would like to know
    >
    >/cheers
    >
    >/mht
    > 
    >
    >  
    >
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    

  • Next message: Drexx Laggui: "Re: IDSes and known attacks (was: NIPS Vendors explicit answer)"

    Relevant Pages

    • [NEWS] Multiple Telnet Client env_opt_add() and slc_add_reply() Buffer Overflow
      ... Get your security news from a reliable source. ... The TELNET protocol "allows virtual network terminals to be connected to ... Remote exploitation of two buffer overflow vulnerability in multiple ...
      (Securiteam)
    • CORE-20020618: Vulnerabilities in Windows SMB (DoS)
      ... Denial of Service Vulnerabilities in Windows SMB implementation ... mechanism for client systems to request file services from server ... It might be possible to abuse this vulnerability to execute arbitrary ... Later in the processing of the request, at SRV.SYS+33209h another buffer ...
      (NT-Bugtraq)
    • CORE-20020618: Vulnerabilities in Windows SMB (DoS)
      ... Denial of Service Vulnerabilities in Windows SMB implementation ... mechanism for client systems to request file services from server ... It might be possible to abuse this vulnerability to execute arbitrary ... Later in the processing of the request, at SRV.SYS+33209h another buffer ...
      (Bugtraq)
    • [Windows XP] ntdll.dll Buffer Overflow Vulnerability - Yet Another MS03-007
      ... Apply the patch that is provided by the vendor ... This function is given the string and the buffer, ... The buffer overflow vulnerability this function contains is caused by ... This vulnerability differs from the known Security Bulletin 'MS03-007'. ...
      (NT-Bugtraq)
    • [Windows XP] ntdll.dll Buffer Overflow Vulnerability - Yet Another MS03-007
      ... Apply the patch that is provided by the vendor ... This function is given the string and the buffer, ... The buffer overflow vulnerability this function contains is caused by ... This vulnerability differs from the known Security Bulletin 'MS03-007'. ...
      (Bugtraq)