|
IDS
mailing list archives
RE: Network hardware IPS
From: Frank Knobbe <frank () knobbe us>
Date: Thu, 09 Oct 2003 19:53:43 -0500
On Tue, 2003-10-07 at 13:21, Dave Killion wrote:
Anyway, anyone who's crazy enough to put "cmd.exe" in his path deserves
all the False Positives he can stomach. And quoting a 5-year old paper on
IDS evasion doesn't convince me.
Whoa...
I didn't want to get involved in this discussion, but you leave me no
other choice with that statement. Why would you want to punish an
innocent web surfer for a stupid mistake or oversight of a web
developer?
http://www.medstuff.com/showme.php?AWeird+BDoctor+CDDS+CMD.EXECUTION-STYLE_DENTISTRY_ERRORS.html
or
http://newz.com/query.asp?HReport.LBaltimore.CMD.EXECUTIVE-SUMMARY
or
(well, you get the point I hope)
I don't know if Netscreen really wants to take the position that people
"get what they deserve"...
Regards,
Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
 By Date 
By Thread
Current thread:
- RE: Network hardware IPS, (continued)
| 
Intro
