lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: legion at tierramedia.org (Antonio Javier G. M.) Subject: Re: signatures for Oracle Alert 68 Valdis.Kletnieks@...edu writes: > On Tue, 23 Nov 2004 18:43:22 +0100, "Antonio Javier G. M." said: >> We need signatures for IDS/IDP for Oracle's alert 68. ^^^^^^^^ Just a reminder for everybody an the archives - In fact the question was very clear (see IDS/IDP --> Intrusion detection and prevention) and IDPs/IPS are condoms, not doctors, for example netscreen IDP and Nai IPS, an the last version of snort (based on snort inline). >> How can we protect against these attacks if we can not apply patches in some >> platforms? > > Just a reminder for everybody and the archives - unless you're using some sort > of firewall appliance that doesn't pass a packet that triggers a signature, > having a signature doesn't actually protect you. > > If you're just using Snort, and it coughs up a "Signature for Oracle 68" > message, it's *too late*. That's not a condom, that's the doctor telling you > the test came back positive. > > (An amazing number of people manage to get confused on this point, and probably > get hacked as a result....) > We really know what are we talking about. Please, use google to search for IDP or IPS technologies and snortinline.
Powered by blists - more mailing lists