Take a look at Content Technologies (makers of MimeSweep or MailSweep)..
Ask them about subscribing to their moderated mailing list. :)
Actually sounds like a good model to follow. Every time a security company
finds a vulnerability in someone's else product, the company that has the
vulnerability then turns around and makes a profit on charging their
customers for the fix. If the customer does not pay for the fix, a
consulting service company can then bill them for making them secure.. Hmm,
nice snowball multiplier affect.. :)
/m
At 02:20 PM 8/7/00 +0100, Marc Maiffret wrote:
>eEye has found a few holes in their "routing" software, Sygate. The way that
>Sybergen handled the issues was very poorly. They wouldn't release a patch
>and instead wanted customers to wait for the next major version of Sygate to
>be released... the next version which costs about 70 bucks. So basically it
>came down to having to pay 70 dollars for a security patch. I definitely
>would recommend against using Sybergen products.
>
>For an example of the poor code within a Sygate product:
>We found a bug that would cause Sygate to crash if you simply sent 3 bytes
>to port 67 of the Sygate machine.
>
>Signed,
>Marc Maiffret
>Chief Hacking Officer
>eCompany / eEye
>T.949.349.9062
>F.949.349.9538
>http://eEye.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
