Snort mailing list archives
RE: ask about hack program to go through the firewa ll
From: Matt Yackley <Matt.Yackley () perkinswill com>
Date: Thu, 19 Sep 2002 08:29:55 -0500
Try running a vulnerability scanner like Nessus against your firewall. Yes, you should have an IDS even if the firewall is very strong, I can think of several reasons: 1. Just because your attempts at hacking the system failed, doesn't mean that you have tried everything 2. Can be used to keep an eye on your firewall, just in case someone changes a rule that allows something through 3. What if your firewall has a glitch and lets something through 4. When the next new threat comes out against a service that you are letting through the firewall, IDS can be used to help find it and define rules to keep it out 5. Prevention is necessary but detection is a must! Matt -----Original Message----- From: ardi [mailto:reddish41 () yahoo com] Sent: Thursday, September 19, 2002 7:30 AM To: snort-users () lists sourceforge net Subject: [Snort-users] ask about hack program to go through the firewall Hi all... First of all I wanna give a picture the situation I have here.. right now i have a firewall between my local network and the internet, and my snort box is before the firewall and after the firewall. I wanna test how hard the snort can detect the hacking programs, but i don't know much about hacking program out there. So i just wanna ask if there is someone here that can give me a clue to find the hacking program to attack the firewall so i can go through to my local network. Im doing this just for my experiment on my final assignment at my university. My point here is do we need an IDS if the firewall is strong enough to block the attack..?? Thanks everyone __________________________________________________ Do You Yahoo!? Yahoo! Finance - Get real-time stock quotes http://finance.yahoo.com ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: ask about hack program to go through the firewa ll Matt Yackley (Sep 19)