Snort mailing list archives
Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device?
From: Chris Green <cmg () uab edu>
Date: Sun, 11 Nov 2001 11:20:20 -0600
"Chr. v. Stuckrad" <stucki () math fu-berlin de> writes:
Hi!
I'm in a hurry to create 'responses' to kill incoming ssh-connections
to some openssh-1.* vulnerable hosts where I have no root-access to,
but snort is reading on eth1 an not-writable mirror-port of an router.
I geht no visible responses on the 'normal' interface eth0, so I fear
the responses are on the wrong device (or not generated at all?) ?
Stucki
PS.: I definitely compiled 1.8.2 WITH --enable-flexresponse on my LINUX
end the rule logs correctly, but so far never 'responds'.
Flexresp is broken in 1.8.2. Please grab the CVS checkout if you need to use it. It shouldn't be too long before a official release that fixes this is done. -- Chris Green <cmg () uab edu> This is my signature. There are many like it but this one is mine. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Urgent (hopefully not dumb) question: resp:(onses) on which device? Chr. v. Stuckrad (Nov 11)
- Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device? Chris Green (Nov 11)
- Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device? Chr. v. Stuckrad (Nov 11)
- Re: Re: [Snort-devel] Urgent (hopefully not dumb) question:resp:(onses) on which device? Martin Roesch (Nov 12)
- Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device? Fyodor (Nov 11)
- Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device? Chris Green (Nov 11)