IDS: Re: WMF and IPS products?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

IDS mailing list archives

Re: WMF and IPS products?

From: Jason Haar <Jason.Haar () trimble co nz>
Date: Fri, 06 Jan 2006 10:31:23 +1300

Sam Evans wrote:

I am curious if any of the major IPS vendors are able to successfully
protect workstations from downloading malicious WMF content?

..and along with that - against all potential WMF exploits (not just the
easy ones), AND can handle detecting them over gzip-compressed HTTP
channels (as are being seen)


-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------

By Date By Thread

Current thread:

WMF and IPS products? Sam Evans (Jan 05)
- Re: WMF and IPS products? Haseeb Abdali (Jan 09)
  - Re: WMF and IPS products? David W. Goodrum (Jan 10)
- Re: WMF and IPS products? Jason Haar (Jan 11)
- RE: WMF and IPS products? Mike Barkett (Jan 11)
  - RE: WMF and IPS products? Alan Shimel (Jan 11)
- Re: WMF and IPS products? Pukhraj Singh (Jan 11)
- <Possible follow-ups>
- RE: WMF and IPS products? Murat Korkmaz (Jan 11)
- RE: WMF and IPS products? Palmer, Paul (ISSAtlanta) (Jan 11)