Skip to content

Archives

Cisco file ludicrously lame patent on regexps

from Slashdot: Cisco patents ‘Intrusion detection signature analysis using regular expressions and logical operators’.

That is so, so sad. Filed January 15, 1999. There’s got to be a stack of prior art.

A google search throws up this trivial example first off — the use of snoop | egrep 'PATTERN1|PATTERN2|PATTERN3'. More searching reveals Lance Spitzner’s page on Intrusion Detection for Checkpoint FW-1, which looks like it was originally written in 1997. The alert.sh script there uses grep(1) plentifully.