Snort mailing list archives
Urgent (hopefully not dumb) question: resp:(onses) on which device?
From: "Chr. v. Stuckrad" <stucki () math fu-berlin de>
Date: Sun, 11 Nov 2001 17:53:14 +0100
Hi!
I'm in a hurry to create 'responses' to kill incoming ssh-connections
to some openssh-1.* vulnerable hosts where I have no root-access to,
but snort is reading on eth1 an not-writable mirror-port of an router.
I geht no visible responses on the 'normal' interface eth0, so I fear
the responses are on the wrong device (or not generated at all?) ?
Stucki
PS.: I definitely compiled 1.8.2 WITH --enable-flexresponse on my LINUX
end the rule logs correctly, but so far never 'responds'.
--
Christoph von Stuckrad * * | nickname | <stucki () math fu-berlin de> \
Freie Universitaet Berlin |/_* | 'stucki' | Tel(days):+49 30 838-75 459 |
Fachbereich Mathematik, EDV |\ * | if online | Tel(else):+49 30 77 39 6600 |
Arnimallee 2-6/14195 Berlin * * | on IRCnet | Fax(alle):+49 30 838-75454 /
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Urgent (hopefully not dumb) question: resp:(onses) on which device? Chr. v. Stuckrad (Nov 11)
- Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device? Chris Green (Nov 11)
- Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device? Chr. v. Stuckrad (Nov 11)
- Re: Re: [Snort-devel] Urgent (hopefully not dumb) question:resp:(onses) on which device? Martin Roesch (Nov 12)
- Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device? Fyodor (Nov 11)
- Re: [Snort-devel] Urgent (hopefully not dumb) question: resp:(onses) on which device? Chris Green (Nov 11)