Network Security: Detailed info on RE: Tuning false positives

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Focus-IDS

[Top] [All Lists]

RE: Tuning false positives - SIM is not the answer

from [Mike Owen] Network Security

[Permanent Link]

Subject:	RE: Tuning false positives - SIM is not the answer
Date:	Fri, 13 Jan 2006 14:37:20 -0800

On 1/13/06, Matthew Caldwell <mcaldwel@micromuse.com> wrote:

You could always solicit to have the source for the Linux/GNU/GPL'ed
apps to be published from Cisco. Linksys had the same problem because
they could have modified the code. The same thing could be applied from
another perspective for other products out on the market.

Matt


That wouldn't work. The only GPL code on there is RedHat 7.2, the
source of which is available. Everything else is Cisco/Protego IP,
which they are under no obligation to release.

Mike

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: RE: RE: Tuning false positives - SIM is not the answer, (continued) Re: RE: RE: Tuning false positives - SIM is not the answer, brent Re: Tuning false positives - SIM is not the answer, Jason Re: Tuning false positives - SIM is not the answer, Brent Stackhouse Re: Tuning false positives - SIM is not the answer, Jason Re: Tuning false positives - SIM is not the answer, Brent Stackhouse Re: RE: RE: Tuning false positives - SIM is not the answer, brent RE: Tuning false positives - SIM is not the answer, Hellman, Matthew Re: Tuning false positives - SIM is not the answer, Brent Stackhouse RE: Tuning false positives - SIM is not the answer, Bruce Young RE: Tuning false positives - SIM is not the answer, Matthew Caldwell RE: Tuning false positives - SIM is not the answer, Mike Owen <= Message not available RE: Tuning false positives - SIM is not the answer, Ron Gula Re: RE: Tuning false positives - SIM is not the answer, Anton Chuvakin

Previous by Date:	Re: Tuning false positives (SIM and VM), David W. Goodrum
Next by Date:	BASE 1.2.2 (cindy) released, Kevin Johnson
Previous by Thread:	RE: Tuning false positives - SIM is not the answer, Matthew Caldwell
Next by Thread:	RE: Tuning false positives - SIM is not the answer, Ron Gula
Indexes:	[Date] [Thread] [Top] [All Lists]