RE: How to choose an IDS/FW MSS provider
From: Stuart Staniford (stuart_at_nevisnetworks.com)
Date: 03/15/05
- Previous message: Dahl-Hansen, Kjetil: "RE: How to choose an IDS/FW MSS provider"
- In reply to: David W. Goodrum: "Re: How to choose an IDS/FW MSS provider"
- Next in thread: Jason: "Re: How to choose an IDS/FW MSS provider"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'David W. Goodrum'" <dgoodrum@nfr.com>, "'Adam Powers'" <apowers@lancope.com> Date: Mon, 14 Mar 2005 20:46:51 -0800
David Goodrum wrote:
> And yes,
> it's possible
> to compromise systems that are simply sniffing... but it's
> much harder.
> I know of only one product that's been successfully remotely
> exploited
> in this manner, and the only reason that happened was because
> it was an
> opensource product that allows hackers to read the source
> code and look
> for ways to compromise it.
Mmmm. The Witty worm last year compromised ISS deployments in this manner.
Stuart.
Stuart Staniford, Principal Scientist
Nevis Networks
stuart@nevisnetworks.com
408-327-4652
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
- Previous message: Dahl-Hansen, Kjetil: "RE: How to choose an IDS/FW MSS provider"
- In reply to: David W. Goodrum: "Re: How to choose an IDS/FW MSS provider"
- Next in thread: Jason: "Re: How to choose an IDS/FW MSS provider"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
