Re: Re: Re: Re: HTTP traffic
- From: hirosh@xxxxxxxxx
- Date: 9 Aug 2007 03:57:58 -0000
Say tackling file format vulnerabilities, you can do some sort of file format decoder, but thattoo will be complex.
Boss ,All software will be complex if u want to achive better things .
a simple file format decoder is complex for u ,but for a product it is necessery
dont u think so ?come out from ur capabilities and think about a product that need to be used in corporate networks.
Specially client-side, there are way too manyevasion tactics.
interesting !!.But a Proper product should cover all these evasion tactics isnt it ?
instead of going for exploit specifc ,
Thats what i am trying to say ..
FPs are coming just because u need a better understanding of protocol and need a good parser ..
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
- Prev by Date: Re: Shell Code detection patterns
- Next by Date: Re: Re: Re: Re: HTTP traffic
- Previous by thread: Re: Re: Re: HTTP traffic
- Next by thread: Re: Re: Re: Re: HTTP traffic
- Index(es):
Relevant Pages
|
