Security Basics mailing list archives
Hogwash, Snort, Puresecure help
From: "Nick Duda" <nduda () VistaPrint com>
Date: Fri, 5 Sep 2003 13:28:40 -0400
Hey everyone, Does anyone have experience getting hogwash to drop packets that contain traffic on port 25 (email specifically) containing certain text? I have a snort /puresecrue ids system working great spanning a port where the external T1 comes in. I want to drop traffic at that point using hogwash. I haven't been all that successful . Hogwash doesn't have much documentation. Thanks in advance, Nick Duda, CCSA, Security+ Systems Administrator --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- Hogwash, Snort, Puresecure help Nick Duda (Sep 05)