IDS mailing list archives
Re: Fw: IDS (ISS) and reverse engineering
From: PAUL_TAYLOR () qvc com
Date: Wed, 26 Nov 2003 15:50:41 -0600
The DMCA makes an exxception for reverse engineering while doing security
research.
"V.O."
<vosipov () tpg com. To: <focus-ids () securityfocus com>
au> cc: (bcc: PAUL TAYLOR/QVC)
Ext: Subject: Fw: IDS (ISS) and reverse engineering
11/26/2003 02:53
PM
(re-submitted by the moderator's request - he asked not to cross-post)
Recently I've got to listen to a marketing pitch by an ISS guy. He was
going
along the lines of "our X-force reverse-engineered Microsoft RPC libraries
and created signatures..." and "we use protocol decoding, so we
reverse-engineered various closed-source protocols in order to create out
decoders".
What struck me - isn't this kind of activity actually illegal in the US? To
which extent it is possible to disassemble Windows code? And if it is
illegal, then aren't their customers (plus many other IDSes, with the
exclusion of Snort, probably) in danger - what if Microsoft or whoever else
sues ISS for doing this? :)
I'm puzzled.
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
Current thread:
- Fw: IDS (ISS) and reverse engineering V.O. (Nov 26)
- <Possible follow-ups>
- RE: IDS (ISS) and reverse engineering Drew Copley (Nov 26)
- Re: IDS (ISS) and reverse engineering rsh (Nov 27)
- Re: Fw: IDS (ISS) and reverse engineering PAUL_TAYLOR (Nov 26)
- RE: IDS (ISS) and reverse engineering Teicher, Mark (Mark) (Nov 27)
- Re: Fw: IDS (ISS) and reverse engineering Andrew Plato (Nov 27)