IPS and Sony BMG Root Kit

From: Genjii (genjii_at_gmail.com)
Date: 11/25/05

  • Next message: Alex Krycek: "Re: Sans GIAC GSEC exam"
    Date: Fri, 25 Nov 2005 10:49:17 +0900
    To: security-basics@securityfocus.com
    
    

    Does anyone have any factual reports of any host based IPS
    detecting/preventing the Sony BMG rootkit before it was widely known?


  • Next message: Alex Krycek: "Re: Sans GIAC GSEC exam"

    Relevant Pages

    • Re: Change SSH port? why does this seem to be safer?
      ... >> I also run portsentry, which blocks out IPs that try to do port scans. ... >> Once a host has scanned a few ports, that host gets added to my ... reason to take interest in it. ...
      (comp.os.linux.security)
    • Re: DNS port flooding
      ... implemented some very basic ACLs to block the offending IPs as they hit us. ... I've blocked 6 or 8 IPs now and am looking for a better long term solution. ... access-list 101 deny udp host x.x.x.x any eq domain ...
      (comp.dcom.sys.cisco)
    • Re: Butterball Blobbie (Righturdia, Middle School Wanker, Suckular Subhuman) gets Buster-BUSTED
      ... Host: newsfeed.aioe.org ... No, RETARD, all THREE are REGISTERED in the Netherlands. ... Aioe.org stuffs ONE of their server IPs into EVERY usenet ... User (poster) IPs are in the ...
      (alt.politics)
    • Re: host-based ips ?
      ... a good host based IPS need a secureOS to support it. ... a frame work named LSMis very useful to implement a secure Linux OS which already in kernel 2.5.x. ... > LIDS secure linux kernel ...
      (Focus-IDS)
    • Re: host-based ips ?
      ... > host based ips. ... General solutions are often easier on a host than the traditional ... "detect and stop known attack" of the Network IPS world. ... INTRUSION PREVENTION: READY FOR PRIME TIME? ...
      (Focus-IDS)