IDS: RE: Network hardware IPS

From: Frank Knobbe <frank_at_knobbe.us>
Date: Thu, 09 Oct 2003 19:53:43 -0500

On Tue, 2003-10-07 at 13:21, Dave Killion wrote:
> Anyway, anyone who's crazy enough to put "cmd.exe" in his path deserves
> all the False Positives he can stomach. And quoting a 5-year old paper on
> IDS evasion doesn't convince me.

Whoa...

I didn't want to get involved in this discussion, but you leave me no
other choice with that statement. Why would you want to punish an
innocent web surfer for a stupid mistake or oversight of a web
developer?

http://www.medstuff.com/showme.php?AWeird+BDoctor+CDDS+CMD.EXECUTION-STYLE_DENTISTRY_ERRORS.html
or
http://newz.com/query.asp?HReport.LBaltimore.CMD.EXECUTIVE-SUMMARY
or
(well, you get the point I hope)

I don't know if Netscreen really wants to take the position that people
"get what they deserve"...

Regards,
Frank

application/pgp-signature attachment: This is a digitally signed message part

Received on Oct 10 2003