Just to follow up, There are also many BOHS (Browser Hijack Sessions) implementations infact open source with open source code.
FYI...two cents of advice Regards, Vijay --- [EMAIL PROTECTED] wrote: > Hello list > > Does anyone have any experience with writing > signatures for McAfee IPS systems? It's a bit > frustrating compared to a system like Snort, because > the vendor-supplied sigs are "secret sauce". I > can't just look in there for examples similar to > what I'm trying to achieve. > > What I'm after in this case should in principle be > relatively simple - I want to catch certain function > calls in an HTTP response, but only in the context > of a javascript block. I'd like to avoid tripping > the signatures if the same strings come up in the > regular text of a page, e.g. a in a mailing list > posting describing an IDS signature or a browser > vulnerability... > > Regards > Mark > > PS - kindly cc me on replies, as I'm not subscribed > to the list > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to > http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw > > to learn more. > ------------------------------------------------------------------------ > > ____________________________________________________________________________________ Take the Internet to Go: Yahoo!Go puts the Internet in your pocket: mail, news, photos & more. http://mobile.yahoo.com/go?refer=1GNXIC ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
