Snort mailing list archives
Urgent (hopefully not dumb) question: resp:(onses) on which device?
From: "Chr. v. Stuckrad" <stucki () math fu-berlin de>
Date: Sun, 11 Nov 2001 17:53:14 +0100
Hi! I'm in a hurry to create 'responses' to kill incoming ssh-connections to some openssh-1.* vulnerable hosts where I have no root-access to, but snort is reading on eth1 an not-writable mirror-port of an router. I geht no visible responses on the 'normal' interface eth0, so I fear the responses are on the wrong device (or not generated at all?) ? Stucki PS.: I definitely compiled 1.8.2 WITH --enable-flexresponse on my LINUX end the rule logs correctly, but so far never 'responds'. -- Christoph von Stuckrad * * | nickname | <stucki () math fu-berlin de> \ Freie Universitaet Berlin |/_* | 'stucki' | Tel(days):+49 30 838-75 459 | Fachbereich Mathematik, EDV |\ * | if online | Tel(else):+49 30 77 39 6600 | Arnimallee 2-6/14195 Berlin * * | on IRCnet | Fax(alle):+49 30 838-75454 / _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Urgent (hopefully not dumb) question: resp:(onses) on which device? Chr. v. Stuckrad (Nov 11)
- Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device? Chris Green (Nov 11)
- Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device? Chr. v. Stuckrad (Nov 11)
- Re: Re: [Snort-devel] Urgent (hopefully not dumb) question:resp:(onses) on which device? Martin Roesch (Nov 12)
- Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device? Fyodor (Nov 11)
- Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device? Chris Green (Nov 11)