-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Andrew Plato wrote:
| A lot of the commercial ones do. TippingPoint has quite a few spyware
| signatures. ISS has some. Don't know about Symantec or Cisco.
|
| Some AV will detect spyware, but not all. And even then, AV tends not to
| be very good at blocking communication of already installed spyware.
The Bleeding Snort ruleset (http://www.bleedingsnort.com/) detects quite
a few spyware agents, in my experience.
Speaking for myself and not my employers, as always.
- --
Eric Grejda
System Administrator, Sunrocket - http://www.sunrocket.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)
iD8DBQFDSm+eHJJGEDZR+J8RAnKhAJ9elxllcXTX//bhnwg5Yk0iqvRaAwCfTPGM
uS82zf7pE5/UDJgDTUqbn/s=
=K/gh
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
