IDS mailing list archives

Re: IM & P2P packets

From: Eric Grejda <eric.grejda () sunrocket com>
Date: Mon, 05 Dec 2005 09:29:04 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ahmad mubarak wrote:

| i am new in infoSec field so my boss asked me to give him
| a list of IM and P2P users in our network
| i searched the Internet to find any tool to help in this task but no
result
| so is there any one can help !!! to achieve this task
| ideas , tools , procedures will appreciated

The Snort and Bleeding Snort rule sets have instant messenger detection
rules in them.  You might want to set up a Snort sensor or two and see
which IP addresses trigger those rules.

Speaking for myself and not my employers, as always.

- --
Eric Grejda
System Administrator, Sunrocket - http://www.sunrocket.com/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFDlE6vHJJGEDZR+J8RAi4GAJkBwdYfGawF6ERjnuRRRCdH94TPLgCfe+qE
HwlSJKOs4hEHA01eUtlaUFM=
=emIq
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?

Find out quickly and easily by testing itwith real-world attacks from CORE IMPACT.Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708to learn more.

------------------------------------------------------------------------

Current thread:

IM & P2P packets ahmad mubarak (Dec 02)
- Re: IM & P2P packets Blake Hartstein (Dec 05)
  - IDS for wireless sensor network Zhenwei Yu (Dec 10)
    - RE: IDS for wireless sensor network Chris Serafin (Dec 12)
- Re: IM & P2P packets Lachlan Bowes (Dec 05)
  - RE: IM & P2P packets net shark (Dec 10)
  - Re: IM & P2P packets Joel Esler (Dec 10)
- Re: IM & P2P packets Fco. Jose Garrido Matamoros (Dec 05)
- Re: IM & P2P packets Eric Hines (Dec 05)
- Re: IM & P2P packets Eric Grejda (Dec 05)