David Maynor wrote: > 1. You find out about the vuln the same time ISS does. Due to excellent > threat intelligent and a top notch Research and Development team they are > likely to know about the threat long before you do.
So you are either implying that ISS does not practice full or responsible disclosure, or stating something strange. Could you elaborate - and maybe provide examples of this actually having happened ? > Protocols are updated all the time, traffic changes constantly So I read this as a "protocol anomaly detection doesn't work" declaration, right ? Stefano ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
