BugTraq
Firekeeper - IDS for Firefox available Mar 06 2007 12:01PM
Jan Wrobel (wrobel blues ath cx) (1 replies)
Re: Firekeeper - IDS for Firefox available Mar 09 2007 07:53PM
Jex (hewhohuntscats gmail com) (2 replies)
Re: Firekeeper - IDS for Firefox available Mar 11 2007 11:02AM
Jan Wrobel (wrobel blues ath cx)
Re: Firekeeper - IDS for Firefox available Mar 10 2007 12:42AM
Bob Beck (beck bofh cns ualberta ca) (1 replies)
Re: Firekeeper - IDS for Firefox available Mar 11 2007 11:16AM
Jan Wrobel (wrobel blues ath cx) (2 replies)
On Fri, 9 Mar 2007, Bob Beck wrote:

> * Jex <hewhohuntscats (at) gmail (dot) com [email concealed]> [2007-03-09 13:27]:
> ...
> > >rules similar to Snort ones to describe browser based attack
> > >attempts.
> > > All incoming HTTP and HTTPS traffic is scanned with these
> > >rules. HTTPS and compressed responses are scanned after
> > >decryption/decompression.
>
> So the next snort style overflow/format string/etc bug from all that
> string bashing code going on in the ids can now let the attacker
> compromise a process with access to my https stream decrypted -
> probably on an already convieniently open descriptor. Yeah. Baby.
>
> "Web Browers are Bloated Fscking Monsters that are full of bugs"
>
> "Lets add more code to look for people exploiting the bugs - of
> course this code won't have bugs.."
>

Isn't it the case with every software created to add some protection
to you computer? Firewalls, antiviruses, IDSes etc. are all adding
code to your operating system that may, in the future, be found
vulnerable to some attack. It is just the question whether protection
they provide compensates additional threat they may introduce.

Jan Wrobel

[ reply ]
Re: Firekeeper - IDS for Firefox available Mar 13 2007 11:59PM
Gadi Evron (ge linuxbox org)
Re: Firekeeper - IDS for Firefox available Mar 13 2007 07:29PM
Bob Beck (beck bofh cns ualberta ca)


 

Privacy Statement
Copyright 2010, SecurityFocus