Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Antwort: RE: Snort-Machine = Security Hole?

From: Steve Hutchins <Steve.Hutchins () optimation co nz>
Date: Fri, 13 Jul 2001 10:14:04 +1200
What other options do we have to eliminate the buffer overflow flaw?


Take a look at
http://www.rsa.com/rsalabs/technotes/buffer/buffer_overflow.html

Steve
-----Original Message-----
From: Ramin Alidousti [mailto:ramin () cannon eng us uu net]
Sent: Friday, 13 July 2001 9:46 a.m.
To: Crow, Owen
Cc: 'Ramin Alidousti'; snort-users () lists sourceforge net
Subject: Re: Antwort: RE: [Snort-users] Snort-Machine = Security Hole?


On Thu, Jul 12, 2001 at 01:43:29PM -0500, Crow, Owen wrote:


[...]
Once again:
1. This is not Snort specific.  Substitute tcpdump or possibly Netranger

and

you end up with similar issues.  


Got it.

What if you'd bring some part of the snort functionality in the kernel.
I'm just thinking outloud though. What other options do we have to
eliminate the buffer overflow flaw?


2. It's all highly theoretical (until it gets implemented).


You've already come up with a high level design ;-) The rest
shouldn't be that hard.

Thanks, Owen.

Ramin


Owen


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: