Yes...SOURCEFIRE customers get those signatures early. They get handed out to the Snort world well after the fact. SourceFire is a commercial company and you must PAY to get their product.
In other words - Sourcefire is no different than TP, ISS or any other commercial vendor in this regard. As such, we're all just selling what we know. ___________________________________ Andrew Plato, CISSP President/Principal Consultant Anitian Enterprise Security -----Original Message----- From: Richard Bejtlich [mailto:[EMAIL PROTECTED] Sent: Monday, April 10, 2006 10:36 AM To: Andrew Plato Cc: Basgen, Brian; [email protected] Subject: Re: IDS vs. IPS deployment feedback You are not familiar with modern Snort signature development by the Sourcefire Vulnerability Research Team. See: http://www.sourcefire.com/services/sf_vrt.html For one example: http://www.sourcefire.com/news/press_releases/pr121504.html _________________________________________________ NOTICE: This email may contain confidential information, and is for the sole use of the intended recipient. If you are not the intended recipient, please reply to the message and inform the sender of the error and delete the email and any attachments from your computer. _________________________________________________ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
