[Am-info] New Threats Could Slip Past Intrusion Detection Systems
Fred A. Miller
fm@cupserv.org
Fri, 19 Apr 2002 16:29:58 -0400
New Threats Could Slip Past Intrusion Detection Systems
Signature-based Intrusion Detection systems (IDSes) could allow new
(methods) of attacks to slip past; polymorphic buffer overflows
alter or encrypt a known attack's shell code. IDSes need to start
incorporating anomaly and behavior-based detection
http://www.nwfusion.com/news/2002/0415idsevad.html
--
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org, www.cupserv.org
--- SuSE Linux v7.3 Pro---