>Say tackling file format vulnerabilities, you can do some sort of file format >decoder, but that
too will be complex. Boss ,All software will be complex if u want to achive better things . a simple file format decoder is complex for u ,but for a product it is necessery dont u think so ?come out from ur capabilities and think about a product that need to be used in corporate networks. >Specially client-side, there are way too manyevasion tactics. interesting !!.But a Proper product should cover all these evasion tactics isnt it ? instead of going for exploit specifc , Thats what i am trying to say .. FPs are coming just because u need a better understanding of protocol and need a good parser .. ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
