[Full-Disclosure] Re: signatures for Oracle Alert 68
nirvana
karmic_nirvana at yahoo.com
Wed Nov 24 13:48:56 GMT 2004
Well an interesting idea is network based patching
systems. The solution to this problem is to have a
technology using which you can achieve the same effect
as patching a server but without actually patching the
server physically. Something like a network based
patching system.
The technology is highly effective in precisely
emulating (detection -> sanitization -> response) as
if the application patches (as if applied locally,
Oracle too). It's being worked out by a company. You
may see it in market next year around.
--- "Antonio Javier G. M." <legion at tierramedia.org>
wrote:
> We need signatures for IDS/IDP for Oracle's alert
> 68.
> How can we protect against these attacks if we can
> not apply patches in some
> platforms?
>
> Any interesting ideas?
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.netsys.com/full-disclosure-charter.html
>
__________________________________
Do you Yahoo!?
All your favorites on one personal page – Try My Yahoo!
http://my.yahoo.com
Full-Disclosure is hosted and sponsored by Secunia.