s/patch/IPS signature/g
Dave G. | December 16th, 2005 | Filed Under: Industry Punditry
daveg: ZDI + TippingPoint + Reverse Engineering = Zero Day TiVo
tqbf: uh, what?
daveg: Reverse engineering a Tippingpoint IPS gives you access to Zero Day Initiative signatures. IPS signatures for unknown vulnerabilities are approximately equivalent to having patches to vulnerabilities. Reverse, and you have the vulnerability. Therefore, you have a subscription to zero day vulnerabilities if you have a Tippingpoint machine.
tqbf: you know, you’re dignifying something silly. All they’re going to publish are XSS bugs. Probably not even pre-auth.
daveg: Snarkier reply to a snarky reply. If by post auth cross site scripting, you mean pre auth, remote, game over vulnerability in the software that stores all of the corporate family jewels, then i agree. For everyone else listening, know that I mostly agree with tqbf. Just don’t tell him.
Chris Walsh
December 16th, 2005 9:40 pmYeah, but that’s not a 0day Tivo — that’s 0Day RSS.
A 0day Tivo would pay attention to the 0days you like, and find you more of them :^).
wrc
December 19th, 2005 8:33 amWhy bother reverse-engineering the IPS, when all you really want is the signatures it will download? The trippingpoint boxes are heavy, eat a lot of power, and kind of suck.
It would be much nicer (and environmentally friendly) to replace that sucker with a half-assed perl script.
Leave a reply