| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: rlanguy at hotmail.com (Lan Guy) Subject: IDS (ISS) and reverse engineering 1) you too can get some exclusive stuff http://members.microsoft.com/consent/Info/Default.aspx But you have to pay. 2) ISS have also written some of the Technical Reference - Security for MS Windows 2000. ----- Original Message ----- From: "V.O." <vosipov@....com.au> To: <full-disclosure@...ts.netsys.com> Cc: <focus-ids@...urityfocus.com> Sent: Wednesday, November 26, 2003 11:15 AM Subject: [Full-Disclosure] IDS (ISS) and reverse engineering > Recently I've got to listen to a marketing pitch by an ISS guy. He was going > along the lines of "our X-force reverse-engineered Microsoft RPC libraries > and created signatures..." and "we use protocol decoding, so we > reverse-engineered various closed-source protocols in order to create out > decoders". > > What struck me - isn't this kind of activity actually illegal in the US? To > which extent it is possible to disassemble Windows code? And if it is > illegal, then aren't their customers (plus many other IDSes, with the > exclusion of Snort, probably) in danger - what if Microsoft or whoever else > sues ISS for doing this? :) > > I'm puzzled. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists