Security Basics mailing list archives
RE: Can snort cut off connections ?
From: "dbs" <brandon () kungfoo info>
Date: Wed, 14 Jul 2004 14:40:59 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jaun, Snort has a feature to let you write "active respone rules". To enable this feature use the keywork is 'resp'. However, there are a some caveats to be noted. In order for this to work you my have a very fast IDS, because enabling this feature will add additional workload to your IDS. In addition, you have to compile this feature in at build time. This is documented in the snort manual on www.snort.org. Good Luck, Brandon Fingerprint: AB56 1637 13F5 9FF8 2F0B 7147 F20D 21CB 5728 FEAE - -----Original Message----- From: Juan B [mailto:juanbabi () yahoo com] Sent: Tuesday, July 13, 2004 1:46 AM To: security-basics () securityfocus com Subject: Can snort cut off connections ? Hi, I heard that It is possible to change snort to be active and start droping connections based on predifined roles. is it true ? thanks __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail - ---------------------------------------------------------------------- - ----- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html - ---------------------------------------------------------------------- - ------ -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQPWMSvINIctXKP6uEQLzlACdFqdfnsoMqRM7+jqb/d/r5dI5qdkAn1Xc oTdrzEEAG89+XQKBW2+BNyB3 =6Otz -----END PGP SIGNATURE----- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Can snort cut off connections ? Juan B (Jul 13)
- Re: Can snort cut off connections ? Zoran Perkov (Jul 13)
- Re: Can snort cut off connections ? Dan Daggett (Jul 13)
- RE: Can snort cut off connections ? Jason Haith (Jul 13)
- RE: Can snort cut off connections ? dbs (Jul 15)
- <Possible follow-ups>
- RE: Can snort cut off connections ? Dave Torre (Jul 13)
- RE: Can snort cut off connections ? Jordan, Jason D. "Dallas" (Jul 13)
- Re: Can snort cut off connections ? Michael Sconzo (Jul 14)