Snort mailing list archives
Re: [RGSPAM] Re: network bandwidth downs when snort inoine is up
From: "Will Metcalf" <william.metcalf () gmail com>
Date: Thu, 11 Oct 2007 05:42:50 -0500
It doesn't matter if the servers you are trying to protect are apache or not... Regards, Will On 10/11/07, carlopmart <carlopmart () gmail com> wrote:
Will Metcalf wrote:Yeah or mod_security, you could actually do av scanning with mod_security as well. Regards, WillIt is a good idea Will, but my customer need to use an IDS (web servers that I need to protect aren't apache servers) ...On 10/10/07, Joel Esler <joel.esler () sourcefire com> wrote:These two rulesets are entirely comprised of "ip" rules. Which are the slowest kind. If you are going to use Snort to do this type of activity, I suggest you take the IP's in those rules and use them in your iptables firewall, maybe Bleeding-threats can develop some type of firewall rules. Try shutting these two rulesets off and try again. -- joel esler http://demo.sourcefire.com/jesler.pgp.key On Oct 10, 2007, at 12:38 PM, carlopmart wrote:bleeding-compromised.rules bleeding-dshield.rules------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users-- CL Martinez carlopmart {at} gmail {d0t} com
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: network bandwidth downs when snort inoine is up, (continued)
- Re: network bandwidth downs when snort inoine is up carlopmart (Oct 10)
- Re: [RGSPAM] Re: network bandwidth downs when snort inoine is up Joel Esler (Oct 10)
- Re: [RGSPAM] Re: network bandwidth downs when snort inoine is up Jason (Oct 10)
- Re: [RGSPAM] Re: network bandwidth downs when snort inoine is up Joel Esler (Oct 10)
- Re: [RGSPAM] Re: network bandwidth downs when snort inoine is up carlopmart (Oct 10)
- Re: [RGSPAM] Re: network bandwidth downs when snort inoine is up Joel Esler (Oct 10)
- Re: [RGSPAM] Re: network bandwidth downs when snort inoine is up carlopmart (Oct 10)
- Re: [RGSPAM] Re: network bandwidth downs when snort inoine is up Joel Esler (Oct 10)
- Re: [RGSPAM] Re: network bandwidth downs when snort inoine is up Will Metcalf (Oct 10)
- Re: [RGSPAM] Re: network bandwidth downs when snort inoine is up carlopmart (Oct 11)
- Re: [RGSPAM] Re: network bandwidth downs when snort inoine is up Will Metcalf (Oct 11)
- Re: [RGSPAM] Re: network bandwidth downs when snort inoine is up carlopmart (Oct 11)
- Re: network bandwidth downs when snort inoine is up Victor Julien (Oct 10)
- Re: network bandwidth downs when snort inoine is up Will Metcalf (Oct 09)
- Re: network bandwidth downs when snort inoine is up carlopmart (Oct 09)