Snort mailing list archives

Re: Whad'ya do?

From: Ryan Russell <ryan () securityfocus com>
Date: Tue, 8 May 2001 15:58:21 -0600 (MDT)

On Tue, 8 May 2001 Dave.Hampel () cominco com wrote:

I was wondering..... I monitor my firewall logs and I get messages from
Snort saying someone is scanning my network using FTP or SunRPC source port
(etc.) Great. Works as advertised. BUT what do you DO about it.
Has anyone taken measures to actually stop or report these a*holes that are
wasting bandwidth?


<plug>
You might check out ARIS http://aris.securityfocus.com .  We give you a
way to manage reporting incidents to ISPs, among a number of other
features. It's also a way to be one more count against a particular
attacker even if you don't want to report things yourself.  It's free.
</plug>

                                Ryan


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Whad'ya do? Dave . Hampel (May 08)
- Re: Whad'ya do? Ryan Russell (May 08)
  - RE: Whad'ya do? Aaron McKinnon (May 08)