NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > FOCUS-IDS> 2007-q3

Re: Re: Re: Re: Re: HTTP traffic

From: Abhishek Bhuyan (abhuyangmail.com)
Date: Mon Aug 13 2007 - 11:34:56 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

"part of company's properity project." - yes
abhicc - okay... give me one or two browser bugs and write a perfect
snort rule for those to detect it, I'll show you some live examples
how false positive might occur.
I'm not aware of if people share such things in these kind of
conferences, but I'm quite sure people do in thesis :). And I never
came to any conclusion. Just said chances are there.

--Abhishek

On 11 Aug 2007 03:44:12 -0000, abhicc285gmail.com <abhicc285gmail.com> wrote:
> Abhishek Bhyhan Says :----
>
>
> " What kind of result you want to know? I cannot share with you the benchmark or test setup details, but could certainly give you many examples. Again, that would be disclosing something which should not be :) "
>
>
>
> Abhishek Bhyan, I am interested in knowing how you came to conclusion that client side rules give more false positives than Web Server Side. You are sharing the results and not the testsetup or benchmark. Has it been published in some conference like black hat, IEEE SP, Virus bulletin or this is some thing which you did on you own or is it a part of company's properity project.
>
>
> Has it been validated????
>
>
>
> ------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
> to learn more.
> ------------------------------------------------------------------------
>
>

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]