jesekure.net

• Next message: Greg Shipley: "IDS: BlackICE product description?"
• Previous message: Andy Bradford: "Re: IDS: IDS engines put this together"
• Next in thread: Marcus J. Ranum: "Re: IDS: Detecting exploits/shellcode"
• Reply: Marco Vaz: "Re: IDS: Detecting exploits/shellcode"
• Reply: diphenagitation.net: "Re: IDS: Detecting exploits/shellcode"
• Reply: Robert Graham: "Re: IDS: Detecting exploits/shellcode"
• Reply: Mark.Teicherpredictive.com: "Re: IDS: Detecting exploits/shellcode"
• Reply: Max Vision: "Re: IDS: Detecting exploits/shellcode"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owneruow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
UNSUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
-----------------------------------------------------------------------------

Is it possible to detect buffer-overflow exploits beeing sent
over the network, execpt for having a database of shellcode?

Should it be possible somehow to decode the assembler code
beeing sent, or am i wrong?

-- 
Jonas Eriksson 

• Next message: Greg Shipley: "IDS: BlackICE product description?"
• Previous message: Andy Bradford: "Re: IDS: IDS engines put this together"
• Next in thread: Marcus J. Ranum: "Re: IDS: Detecting exploits/shellcode"
• Reply: Marco Vaz: "Re: IDS: Detecting exploits/shellcode"
• Reply: diphenagitation.net: "Re: IDS: Detecting exploits/shellcode"
• Reply: Robert Graham: "Re: IDS: Detecting exploits/shellcode"
• Reply: Mark.Teicherpredictive.com: "Re: IDS: Detecting exploits/shellcode"
• Reply: Max Vision: "Re: IDS: Detecting exploits/shellcode"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]