There are so many ways to create a long string in Javascript. How do
Network based IDS/IPS can detect these kinds of attacks? Is it
possible to create signatures to detect these attacks? Many existing
IDS/IPS devices don't have capabilities to interpret and evaluate
javascripts. So, I would think that it is nearly impossible. Any
insight?
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaig
n=intro_sfw
to learn more.
------------------------------------------------------------------------
I have come across this vulnerability
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0729
and corresponding Exploit at
http://www.milw0rm.org/exploits/5268
There are so many ways to create a long string in Javascript. How do
Network based IDS/IPS can detect these kinds of attacks? Is it
possible to create signatures to detect these attacks? Many existing
IDS/IPS devices don't have capabilities to interpret and evaluate
javascripts. So, I would think that it is nearly impossible. Any
insight?
Thanks
Ravi
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaig
n=intro_sfw
to learn more.
------------------------------------------------------------------------
[ reply ]