RE: Tuning false positives - SIM is not the answer
- From: Ron Gula <rgula@xxxxxxxxxxxxxxxxxxx>
- Date: Fri, 13 Jan 2006 18:58:31 -0500
At 05:37 PM 1/13/2006, Mike Owen wrote:
On 1/13/06, Matthew Caldwell <mcaldwel@xxxxxxxxxxxxx> wrote: > You could always solicit to have the source for the Linux/GNU/GPL'ed > apps to be published from Cisco. Linksys had the same problem because > they could have modified the code. The same thing could be applied from > another perspective for other products out on the market. > > Matt
That wouldn't work. The only GPL code on there is RedHat 7.2, the source of which is available. Everything else is Cisco/Protego IP, which they are under no obligation to release.
There is always the Nessus 2 code as well.
Ron
------------------------------------------------------------------------ Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------
- References:
- RE: Tuning false positives - SIM is not the answer
- From: Mike Owen
- RE: Tuning false positives - SIM is not the answer
- Prev by Date: Re: Testing IDS/IPS Solutions
- Next by Date: Signatures taking down network
- Previous by thread: RE: Tuning false positives - SIM is not the answer
- Next by thread: Re: RE: Tuning false positives - SIM is not the answer
- Index(es):
Relevant Pages
|
