The only thing that I would add that ehat in an idea world firstly on finding a vulnerability that an advisory is made to the product producerthen secondly to the list with an IDS fingerprint SNORT. Then not until areasonable time to fix the vulnerability the proof of concept exploit is released (This gives time to hone the exploit as well :)Sometimes (often, in fact) it's really hard to write a good SNORT signature that can't be reverse-engineered to give up enough info to create a PoC....Maybe signatures should be able to be MD5'ed.
mmm, on second thoughts maybe it would be too processor intensive. It may work on a window though ? Don't know, I'll leave it to the experts :) Aaron _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/