Re: IDS and Spywares

• Previous message: barcajax_at_gmail.com: "Re: IDS and Spywares"
• In reply to: Andrew Plato: "RE: IDS and Spywares"
• Next in thread: Desai, Deepen: "RE: IDS and Spywares"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 10 Oct 2005 09:41:52 -0400
To: neelabhsharma1@gmail.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andrew Plato wrote:
| A lot of the commercial ones do. TippingPoint has quite a few spyware
| signatures. ISS has some. Don't know about Symantec or Cisco.
|
| Some AV will detect spyware, but not all. And even then, AV tends not to
| be very good at blocking communication of already installed spyware.

The Bleeding Snort ruleset (http://www.bleedingsnort.com/) detects quite
a few spyware agents, in my experience.

Speaking for myself and not my employers, as always.

- --
Eric Grejda
System Administrator, Sunrocket - http://www.sunrocket.com/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFDSm+eHJJGEDZR+J8RAnKhAJ9elxllcXTX//bhnwg5Yk0iqvRaAwCfTPGM
uS82zf7pE5/UDJgDTUqbn/s=
=K/gh
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------

• Previous message: barcajax_at_gmail.com: "Re: IDS and Spywares"
• In reply to: Andrew Plato: "RE: IDS and Spywares"
• Next in thread: Desai, Deepen: "RE: IDS and Spywares"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]