Hello all,
I'm looking for a real-life case in which an IDS/IPS, if it had been
deployed, could have prevented a security breach.
In particular, I'm looking for a case in which:
1. A hacker penetrates an organization's network using a known
vulnerability (e.g., MS DCOM).
2. At that time, the organization does not use an IDS/IPS.
3. However, at the same time, there are commercially available devices
that could have prevented the attack. By this I mean, a device that by
that time, already had a signature that could have stopped the hacker above.
Vendors are welcome to suggest such cases, but all information must be
publicly available.
Thanks
Shai Rubin
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
