Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-disclosure] MIME/Content Filtering

from [Daniel Peck] Network Security [Permanent Link]
Subject: [Full-disclosure] MIME/Content Filtering
Date: Wed, 29 Mar 2006 14:35:58 -0500 
Looking for some info and discussion about filtering/denying through
the use of MIME types, and more specifically content verification.

How effective are these types of signatures/measures, dealing with
cisco devices currently, but I guess the conversation could be
expanded to other devices doing similiar things?

I could see there being a lot of problems with 3rd party apps created
files, such as mp3/jpg/doc/etc where they might set off a lot of false
positives by not adhering strictly to the file standard, but most apps
wouldnt have a problem with.  But I haven't dealt with this type of
thing enough to really have an opinion on it.

Thoughts/suggestions?
Thanks,

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-disclosure] MIME/Content Filtering, Daniel Peck <=
Previous by Date:  [Full-disclosure] [ GLSA 200603-26 ] bsd-games: Local privilege escalation in tetris-bsd, Stefan Cornelius
Next by Date:  [Full-disclosure] Third party patches, a matter of trust by n3td3v, n3td3v
Previous by Thread:  [Full-disclosure] [ GLSA 200603-26 ] bsd-games: Local privilege escalation in tetris-bsd, Stefan Cornelius
Next by Thread:  [Full-disclosure] Third party patches, a matter of trust by n3td3v, n3td3v
Indexes:  [Date] [Thread] [Top] [All Lists]