TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
We are getting ready to craft a response to this. The Fate Research
advisory is incorrect and there is no vulnerability described.
1. We do support user-defined signatures in RS
2. We released alerts for RDS and IIS Unicode
User-defined signature for RDS hole, August 9, 1999:
http://xforce.iss.net/alerts/advise32.php
User-defined signature for Unicode hold, October 26, 2000:
http://xforce.iss.net/alerts/advise68.php
3. The advisory describes a method for 'script kiddies' to detect
RealSecure on port 2998. When RS is in stealth mode, this is not possible
4. X-Force was not contacted to my knowledge about this vulnerability
before it hit bugtraq.
Audra Eng
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 06, 2000 8:12 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Fate Research Labs posting: RealSecure or Real"un"Secure
TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
problems!
----------------------------------------------------------------------------
http://www.f8labs.com>/f8-103100-realsecure.txt Has anyone from ISS
responded to this??
