Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Cisco IOS Shellcode - McAfee IPS Protection

from [Ron Gula] Network Security [Permanent Link]
Subject: Re: Cisco IOS Shellcode - McAfee IPS Protection
Date: Mon, 08 Aug 2005 20:28:26 -0400
At 01:12 PM 8/8/2005, Ed Gibbs wrote:
Having used IntruShield for several years, I called them on this because I thought the same thing. As it turns out, they protect detect the shell code, and if your policies setup can actually block it. Their detection of shell-code execution is pretty strong from our research.

Ed 

Hi Ed,

I'd appreciate it if you can elaborate. When I hear folks talk about
shell code execution, I become curious about two parameters, the
false positive rate and the false negative rate. In your research,
how many, if any, detected shell code executions were not accurate,
and possibly, how many shell code exploits occurred that were not
detected?

Ron Gula, CTO
Tenable Network Security





------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Updating Enterasys Dragon NIDS signature..., Joshua Krage
Next by Date:  Re: Updating Enterasys Dragon NIDS signature..., Jordan Wiens
Previous by Thread:  Re: Cisco IOS Shellcode - McAfee IPS Protection, Ed Gibbs
Next by Thread:  Re: Cisco IOS Shellcode - McAfee IPS Protection, Ron Gula
Indexes:  [Date] [Thread] [Top] [All Lists]