Network Security: Detailed info on Re: IPS Vendor Evasion

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Focus-IDS

[Top] [All Lists]

Re: IPS Vendor Evasion

from [Stefano Zanero] Network Security

[Permanent Link]

Subject:	Re: IPS Vendor Evasion
Date:	Thu, 04 Jan 2007 20:25:29 +0100

Tim Holman wrote:

Probably, but then no IDS/IPS is ever going to offer you 100% protection
(ie you need defense in depth), so should such a list _really_ matter?


Totally correct. If you add that IPS products (as well as most IDS
products) are fundamentally misuse-based, they will likely miss any new
attack, or specific attack against your own applications, this becomes
even more academic.

This is not an excuse for lame products, and HD and co. made a very very
good presentation and nice work ;)

Stefano

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to 
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
 
to learn more.
------------------------------------------------------------------------

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
IPS Vendor Evasion, trav_2 RE: IPS Vendor Evasion, Kohlenberg, Toby Re: IPS Vendor Evasion, H D Moore Re: IPS Vendor Evasion, Tim Holman Re: IPS Vendor Evasion, Stefano Zanero <= Re: IPS Vendor Evasion, jeff . stebelton Re: IPS Vendor Evasion, Stefano Zanero Re: IPS Vendor Evasion, levinson_k

Previous by Date:	Re: IPS Vendor Evasion, Stefano Zanero
Next by Date:	Re: ISS's IPS and Javascript interpreter, levinson_k
Previous by Thread:	Re: IPS Vendor Evasion, Tim Holman
Next by Thread:	Re: IPS Vendor Evasion, jeff . stebelton
Indexes:	[Date] [Thread] [Top] [All Lists]