[905] in Intrusion Detection Systems
No subject found in mail header
daemon@ATHENA.MIT.EDU (Justin J. Lister)
Sat Apr 5 23:51:23 1997
From: ruf@uow.edu.au (Justin J. Lister)
To: ids@uow.edu.au (Intrusion Detection System Mailing List)
Date: Sun, 6 Apr 1997 11:24:15 +1000 (EST)
Reply-To: ids@uow.edu.au
Message-Id: <2.2.32.19970331202040.009324d8@mail.iss.net>
X-Sender: alexf@mail.iss.net
X-Mailer: Windows Eudora Pro Version 2.2 (32)
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Mon, 31 Mar 1997 15:20:40 -0500
To: ids@uow.edu.au
From: Alex F <alexf@iss.net>
Subject: Re:
>
>BLACKSBURG, VA. March 26, 1997 - MimeStar, Inc. today announced the first
>shipments of its SecureNet PRO v2.0, a revolutionary new network security
>solution. "SecureNet PRO v2.0 will completely change the face of network
>security as we know it," said Elliot Turner, CEO of MimeStar, Inc.
>"SecureNet PRO combines a multitude of advanced security technologies in
>one easy-to-use package."
>
Hmm. A RealSecure clone.
>Neither firewalls nor security scanners offer comprehensive protection
>against computer intrusions because new security vulnerabilities are
>constantly being discovered. Using MimeStar, Inc.'s proprietary EradiScan
>technology SecureNet PRO is able to detect and respond to network attacks
>that have yet to be discovered by the security community.
Umm,exactly how is that possible? Detect NEW security vulnerabilities that
have yet to be discovered by the security community? This I would like to see!
>For more information on SecureNet PRO v2.0 please visit the MimeStar, Inc.
>web site at http://www.MimeStar.com/
While I do not wish to speak badly of the competition, there are a few
things that I would like to mention. This tool allows for termination of
connections based on certain keystrokes. You can monitor profanity, etc.
While this may be a good idea in concept, this kind of potential censorship
power frightens me. Imagine if the Church of Scientology got a hold of this
with a "God key". Granted that is just a theory, and (hopefully) there is
no "God key" capability built into this software, however, it does
illustrate a point. The product also does session Hijacking. I would
really like to know the purpose of this. We elected not to add this
functionality into RealSecure simply because there is no use for it. I
would like to know if this product has any reporting capabilities as well, I
did not see any listed on the web page.
Alex F
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Alex F - Internet Security Systems
Webmaster/Security Training/Tech Support/Etc.
alexf@iss.net
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
