Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Dailydave] For those of you that don't know....
From: ric k (cygnus.0ffgmail.com)
Date: Tue Dec 14 2004 - 00:24:21 CST
jumped in late. but yes i agree with david. i've worked with
tippingpoint's box and after some analysis could easily conclude that
tippingpoint has an intutive gui but when it comes to actually
detecting some advanced things, i was disappointed. i don't really
think that they are doing protocol decoding at all!!
it's very easy to 'play' with the tippingpoint box and evade it.
On Mon, 13 Dec 2004 15:24:42 -0500, Maynor, David (ISS Atlanta)
> You should preface your last statement with "I write exploits for a
> living so I don't want people to buy a solution that actually stops
> You can't say with a straight face they were doing better than everybody
> else in the market, they are evaded by simple RPC fragmentation, even
> SNORT catches that. ImmunitySec's own Canvas CRI turns it into swiss
> cheese, from what I hear.
> What other NIPS/HIPS vendors are you speaking of? As far as I know Willy
> Wonka got his Ompalompa's on spyware research now so the list of NIPS
> that tippingpoint is better than has dropped a bit.
> -----Original Message-----
> From: Sinan Eren [mailto:sinan.erenimmunitysec.com]
> Sent: Monday, December 13, 2004 2:39 PM
> To: Maynor, David (ISS Atlanta)
> Cc: dailydave
> Subject: Re: [Dailydave] For those of you that don't know....
> > Who knew PCRE was worth that much?
> Compared to other marketed NIDS/NIPS tippingpoint was doing a much
> job. So it did not suprise me much.
> Same could be said for Determina being so much better than all the other
> marketted HIPS out there. So i expect to see some big acquisition in
> I would personally pick tippingpoint and determina if i was in a CSO
> or similar position. So standing from a technical point of view I would
> endorse both of these products.
> Dailydave mailing list
Dailydave mailing list