1) you too can get some exclusive stuff http://members.microsoft.com/consent/Info/Default.aspx But you have to pay.
2) ISS have also written some of the Technical Reference - Security for MS Windows 2000. ----- Original Message ----- From: "V.O." <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Wednesday, November 26, 2003 11:15 AM Subject: [Full-Disclosure] IDS (ISS) and reverse engineering > Recently I've got to listen to a marketing pitch by an ISS guy. He was going > along the lines of "our X-force reverse-engineered Microsoft RPC libraries > and created signatures..." and "we use protocol decoding, so we > reverse-engineered various closed-source protocols in order to create out > decoders". > > What struck me - isn't this kind of activity actually illegal in the US? To > which extent it is possible to disassemble Windows code? And if it is > illegal, then aren't their customers (plus many other IDSes, with the > exclusion of Snort, probably) in danger - what if Microsoft or whoever else > sues ISS for doing this? :) > > I'm puzzled. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
