Snort mailing list archives

Re: [Emerging-Sigs] TCP/UDP "trivial" ports?

From: Joel Esler <jesler () sourcefire com>
Date: Tue, 23 Apr 2013 16:07:33 -0400

On Apr 23, 2013, at 3:56 PM, "Castle, Shane" <scastle () bouldercounty org> wrote:

Maybe this should be left to classic firewall rules rather than IDS? But it'd be nice to have defense in depth.


This is what I'm thinking.  But we have a feature we're looking at that may solve this in Snort.  Don't want to commit 
to it yet as bad things happen when I say "new feature may be coming" and then I get in trouble when the release slips.

------------------------------------------------------------------------------
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service 
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!

Current thread:

TCP/UDP "trivial" ports? Castle, Shane (Apr 23)
- Re: [Emerging-Sigs] TCP/UDP "trivial" ports? Will Metcalf (Apr 23)
  - Re: [Emerging-Sigs] TCP/UDP "trivial" ports? Castle, Shane (Apr 23)
    - Message not available
    - Re: [Emerging-Sigs] TCP/UDP "trivial" ports? Castle, Shane (Apr 23)
    - Re: [Emerging-Sigs] TCP/UDP "trivial" ports? Joel Esler (Apr 23)