RE: third party utility to kill ...

["Ronneil Camara" <ronneilc () remingtonltd com>]

-> -----Original Message-----
-> From: Matt Kettler [mailto:mkettler () evi-inc com]
-> Sent: Thursday, January 31, 2002 6:14 PM
-> To: Ronneil Camara
-> Cc: snort-users () lists sourceforge net
-> Subject: RE: [Snort-users] third party utility to kill ...
-> 
-> 
-> Don't belive me that such a bypass is possible? Read a bit about how 
-> purposefully sending tcp segments out-of-order helps this:
-> 
-> http://www.securityfocus.com/infocus/1540
-> 
-> (interestingly that article pointed out a pcap latency bit 
-> on BSD variants 
-> I was unaware of.)

Ok. This captured my attention since I am running snort on OpenBSD and FreeBSD.

And btw, flexresp doesn't work with Openbsd if snort is run on a stealth
interface. I tried it on 3 different openbsd machine. Though, I only tried it
on Openbsd 3.0. Btw, flexresp works in FreeBSD on a stealth interface.

I'll read that article.

Thanks Matt.

Neil

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users