At 01:54 AM 10/27/99 +0000, Crispin Cowan wrote: >... The particularly interesting technologies seem to include: > > * back-scanning the intruder Sidewinder's always had this. Works for chasing really lame script kiddies but simply points to red herrings if you're chasing someone competent. > * the usual claim of "we have more signatures than anyone else" (I wouldn't > know :-) I have an *old* thing sitting around for some product that "detects over 270" signatures. The Black Ice stuff I saw claimed around 200. Of course, heaven knows what they're really counting. This segues rather nicely into the Common Vulnerability Enumeration discussion -- CVEs may turn into the marketing touchstone: "we detect everything in the CVE." It's essentially a replay of anti-virus competition, but I don't think anyone ever came up with a third party enumeration of viruses. I wonder if the Mitre team has the funding or line item or whatever to pay for maintaining the CVE for the forseeable future. In a sense I'm surprised it's not part of CERT, though someone would have to give CERT the extra money to pay to do the work. Rick. smithat_private "Internet Cryptography" at http://www.visi.com/crypto/
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:45:19 PDT