[15011] in bugtraq
CyberCop Monitor NT 2.5
daemon@ATHENA.MIT.EDU (dr_erik_wright@GMX.NET)
Wed May 24 13:26:21 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id: <3683.959125872@www19.gmx.net>
Date: Wed, 24 May 2000 01:51:12 +0200
Reply-To: dr_erik_wright@GMX.NET
From: dr_erik_wright@GMX.NET
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
While playing with whisker's IDS evasion features, I determined that some
of the techniques employed are effective against Cybercop Monitor 2.5 on the
Windows NT platform.
This came as a great surprise to me since my company chose this product
because of the IDS evasion paper that Network Associates released a few years
ago. They don't seem to practice what they preach, just like every other
commercial security solution.
After doing some searching, I noticed that ISS Realsecure had a similar
problem that was reported on bugtraq a few months ago.
Thanks a bunch ISS and Network Associates.
--
Sent through Global Message Exchange - http://www.gmx.net
