Security Group wrote: > Btw are their HIDS that can detect all-in-memory exploits (without the > need of starting a process via the kernel)?
Not in the commercial world, but for sure in research: http://portal.acm.org/citation.cfm?id=1368514 Best, Stefano ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
