they might have had a partial list but that would only be the ones they tested. The general conclusion is that everyone can be bypassed. That was part of the point of the Month of Browser Bugs that HD did.
There was an IDS review by Intelguardians (no relation to Intel Corp) that compared a bunch last year. I think it was in InfoSec Magazine. toby -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, January 02, 2007 6:49 PM To: [email protected] Subject: IPS Vendor Evasion At Blackhat HD Moore and Brian Caswell did a presentaion of bypassing IPS. Maybe I dreamed this but wasn't there a list of vendors that were and were not bypassed? Maybe it was not HD and Brian that did it. If there was such a thing where can I find it? Thanks, ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaig n=intro_sfw to learn more. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
