they might have had a partial list but that would only be the ones
they tested. The general conclusion is that everyone can be bypassed.
That was part of the point of the Month of Browser Bugs that HD did.
There was an IDS review by Intelguardians (no relation to Intel Corp)
that compared a bunch last year. I think it was in InfoSec Magazine.
toby
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of trav_2@hotmail.com
Sent: Tuesday, January 02, 2007 6:49 PM
To: focus-ids@securityfocus.com
Subject: IPS Vendor Evasion
At Blackhat HD Moore and Brian Caswell did a presentaion of bypassing
IPS. Maybe I dreamed this but wasn't there a list of vendors that were
and were not bypassed? Maybe it was not HD and Brian that did it. If
there was such a thing where can I find it?
Thanks,
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaig
n=intro_sfw
to learn more.
------------------------------------------------------------------------
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
