Snort mailing list archives
Re: Blackhole exploit kit...not so GREat...
From: Joel Esler <jesler () sourcefire com>
Date: Wed, 21 Nov 2012 11:16:09 -0500
On Nov 20, 2012, at 11:10 AM, Balasubramaniam Natarajan <bala150985 () gmail com> wrote:
The snort manual says that snort cannot work with GRE protocol, how to find out this infection if a person get infected outside the network where snort is monitoring ?
http://manual.snort.org/node10.html If you compile snort with --enable-gre (which is on by default when you compile) it'll decode the gre layer. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire
------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Blackhole exploit kit...not so GREat... Lay, James (Nov 20)
- Re: Blackhole exploit kit...not so GREat... Balasubramaniam Natarajan (Nov 21)
- Re: Blackhole exploit kit...not so GREat... Joel Esler (Nov 21)
- Re: Blackhole exploit kit...not so GREat... Balasubramaniam Natarajan (Nov 21)