Re: How to make flexresp respond on all existing rules ?

[Rich Adamson <radamson () routers com>]

Yes, you have to edit each rule that you'd like flexresp to respond to, "and"
tell flexresp exactly how you want it to respond.

Hopefully you've read the archives to know that flexresp can lead you into
a false sense of security as not all intruders actually listen for whatever
flexresp might be sending. Also, unless you understand exactly how each of
your applications/systems might respond to a flexresp packet, you're likely
to assume things that aren't correct. Be carefull.

------------------------
> Do I manually have to edit all rules that I want a flexresp response for (by inserting
> the string "resp:rst_all"), or is there a way to make snort make a flexresp response on any
> alerts (without editing the rules) ?




-------------------------------------------------------
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
www.parasoft.com/bulletproofapps1
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users