Snort mailing list archives
Re: Thoughts on internal vs. external IDS rulesets
From: Steve Ochani <jpegny () optonline net>
Date: Wed, 10 Apr 2002 12:14:28 -0400
On 10 Apr 2002 at 10:43, Chris Eidem wrote:
What do y'all look for running around in your network? Virii? PtP programs? Outbound unauthorized connections? Anything I haven't mentioned?
Besides what you mentioned I also look for the common exploits and am trying to set up portscan detection from servers being used by students. «¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤» "Players only love you when they're playing" --FleetWood Mac Steve O. Physical Sciences Dept. Network Admin See updated NCC weather conditions at http://wr.psi.ncc.edu/~data http://www.ncc.edu/dptpages/physci/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Thoughts on internal vs. external IDS rulesets Chris Eidem (Apr 10)
- Re: Thoughts on internal vs. external IDS rulesets Steve Ochani (Apr 10)
- <Possible follow-ups>
- RE: Thoughts on internal vs. external IDS rulesets Chris Eidem (Apr 10)
- RE: Thoughts on internal vs. external IDS rulesets Sheahan, Paul (PCLN-NW) (Apr 10)
- RE: Thoughts on internal vs. external IDS rulesets Alwin Raymundo (Apr 11)
- RE: Thoughts on internal vs. external IDS rulesets Sheahan, Paul (PCLN-NW) (Apr 11)