[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Re: signatures for Oracle Alert 68

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Re: signatures for Oracle Alert 68
From: nirvana <karmic_nirvana@xxxxxxxxx>
Date: Wed, 24 Nov 2004 05:48:56 -0800 (PST)

Well an interesting idea is network based patching
systems. The solution to this problem is to have a
technology using which you can achieve the same effect
as patching a server but without actually patching the
server physically. Something like a network based
patching system.
The technology is highly effective in precisely
emulating (detection -> sanitization -> response) as
if the application patches (as if applied locally,
Oracle too). It's being worked out by a company. You
may see it in market next year around.

--- "Antonio Javier G. M." <legion@xxxxxxxxxxxxxxx>
wrote:

> We need signatures for IDS/IDP for Oracle's alert
> 68.
> How can we protect against these attacks if we can
> not apply patches in some 
> platforms? 
> 
> Any interesting ideas? 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.netsys.com/full-disclosure-charter.html
> 

__________________________________ 
Do you Yahoo!? 
All your favorites on one personal page ? Try My Yahoo!
http://my.yahoo.com 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Re: signatures for Oracle Alert 68
  - From: Antonio Javier G. M.

Prev by Date: RE: [Full-Disclosure] Network Security in India
Next by Date: Re: [Full-Disclosure] University Researchers Challenge Bush Win In Florida
Previous by thread: Re: [Full-Disclosure] Re: signatures for Oracle Alert 68
Next by thread: RES: [ok] [Full-Disclosure] Certifications
Index(es):
- Date
- Thread