[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Comcast using IPS to protect the Internet from their home user clients?

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: RE: [Full-Disclosure] Comcast using IPS to protect the Internet from their home user clients?
From: "Cushing, David" <David.Cushing@xxxxxxxxxxxxxxxxxxx>
Date: Tue, 9 Mar 2004 13:18:25 -0500

> > Anyhow, I noticed that certain vulnerability scans, for 
> example scans
> > using Nikto and similar tools, when run from a Comcast 
> address show a
> > different behavior than when they are run from a clear, uncontrolled
> > Internet connection (i.e. corporate T-3). In fact, it appears like
> > Comcast has an Inline-IDS (some call it an IPS ;) sitting 
> on its wires,
> > filtering out certain signatures and blocking subsequent 
> access for a
> > short period of time. For example, scan progresses, then hangs
> > inexplicably, then resumes, trips a sig, and hangs again. 


Adelphia (cable modem) has also been fishy lately.  Something new in the past 
couple of months.




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- RE: [Full-Disclosure] Comcast using IPS to protect the Internet from their home user clients?
  - From: -={|TooManyMirrors|}=-

Prev by Date: [Full-Disclosure] 3 new microsoft security bulletins are posted today... non rated critical
Next by Date: Re: [Full-Disclosure] RE: MAX_PATH is 248 char..
Previous by thread: RE: [Full-Disclosure] Comcast using IPS to protect the Internet from their home user clients?
Next by thread: RE: [Full-Disclosure] Comcast using IPS to protect the Internet from their home user clients?
Index(es):
- Date
- Thread