Snort mailing list archives
Re: Error in snort.conf for snort 2.9.2.2?
From: Matt Watchinski <mwatchinski () sourcefire com>
Date: Wed, 27 Jun 2012 11:31:01 -0400
While the tds port is bound to 1521, content connections are given a dynamic port after connect, which can be anything above 1024: Cheers, -matt On Tue, Jun 26, 2012 at 5:11 PM, Paul Schmehl <pauls () utdallas edu> wrote:
I just upgraded one of our sensors to 2.9.2.2. I was reviewing the snort.conf file to see what changes might need to be made in our conf file. I noticed that the portvar ORACLE_PORTS had been changed from 1521 to 1024. Is this an oversight? Or does Sourcefire know something I don't know. AFAIK the Oracle default port has not changed and is still 1521. -- Paul Schmehl (pauls () utdallas edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/infosecurity/ ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
-- Matthew Watchinski V.P. Vulnerability Research (VRT) Sourcefire, Inc. Office: 410-423-1928 http://vrt-blog.snort.org && http://www.snort.org/vrt/
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Error in snort.conf for snort 2.9.2.2? Paul Schmehl (Jun 27)
- Re: Error in snort.conf for snort 2.9.2.2? Matt Watchinski (Jun 27)