Vulnerability vs. Exploit signatures and IPS??

From: Jacob Winston (jctx09_at_yahoo.com)
Date: 05/17/05

Next message: Lance Spitzner: "Release of Honeywall CDROM 'Roo'"

Previous message: Edward Balas: "Release of Sebek version 3"
Next in thread: Andrew Plato: "RE: Vulnerability vs. Exploit signatures and IPS??"
Maybe reply: Andrew Plato: "RE: Vulnerability vs. Exploit signatures and IPS??"
Reply: Matt.Carpenter_at_alticor.com: "Re: Vulnerability vs. Exploit signatures and IPS??"
Maybe reply: Jason Anderson: "RE: Vulnerability vs. Exploit signatures and IPS??"
Reply: Ed Gibbs: "Re: Vulnerability vs. Exploit signatures and IPS??"
Reply: Jordan Wiens: "Re: Vulnerability vs. Exploit signatures and IPS??"
Reply: Bill Royds: "RE: Vulnerability vs. Exploit signatures and IPS??"
Reply: David W. Goodrum: "Re: Vulnerability vs. Exploit signatures and IPS??"
Reply: Matthew Watchinski: "Re: Vulnerability vs. Exploit signatures and IPS??"
Reply: Iván Arce: "Re: Vulnerability vs. Exploit signatures and IPS??"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 17 May 2005 02:57:59 -0000
To: focus-ids@securityfocus.com

('binary' encoding is not supported, stored as-is)

Can someone explain to me the difference in writing signatures based on Vulnerabilities versus writing signatures based on Exploits? TippingPoint makes a claim that their IPS is better because they write signatures based on Vulnerabilities and not exploits. I don't quite understand this.

Thank you,

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------

Next message: Lance Spitzner: "Release of Honeywall CDROM 'Roo'"

Previous message: Edward Balas: "Release of Sebek version 3"
Next in thread: Andrew Plato: "RE: Vulnerability vs. Exploit signatures and IPS??"
Maybe reply: Andrew Plato: "RE: Vulnerability vs. Exploit signatures and IPS??"
Reply: Matt.Carpenter_at_alticor.com: "Re: Vulnerability vs. Exploit signatures and IPS??"
Maybe reply: Jason Anderson: "RE: Vulnerability vs. Exploit signatures and IPS??"
Reply: Ed Gibbs: "Re: Vulnerability vs. Exploit signatures and IPS??"
Reply: Jordan Wiens: "Re: Vulnerability vs. Exploit signatures and IPS??"
Reply: Bill Royds: "RE: Vulnerability vs. Exploit signatures and IPS??"
Reply: David W. Goodrum: "Re: Vulnerability vs. Exploit signatures and IPS??"
Reply: Matthew Watchinski: "Re: Vulnerability vs. Exploit signatures and IPS??"
Reply: Iván Arce: "Re: Vulnerability vs. Exploit signatures and IPS??"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]