Comments on: Intelligent IPS

By: GuTi

GuTi — Mon, 30 Jun 2008 17:43:08 +0000

Hi, they should not assume when the IPS blocks the request means the application is vulnerable, this is totally wrong. Human makes the decision, not machine.

This is just like they ask users to update server software and applications to prevent DDOS in their report.

Enabling signature that drops traffic without knowing what is running in the network just makes me sick.

By: possible

possible — Tue, 10 Jun 2008 22:14:37 +0000

I think its possible. Assume that the old version, which has a bug gets the input variables via post of 2 variables,lets call them as username_ and password_. so if the url matches and if those two variables also passes into that url, its normal that the ips may block…check if the awstat is really vulnerable or not. than continue to forcing the ips guy to do his job. you can also ask him to disable the signature.