[Snort-devel] Is it possble you have a developer who is not on the right side?

Fyodor fygrave at ...1...
Sun Nov 18 23:39:01 EST 2001

All right, mr. NoRookie, would you mind to provide us with more details
on what you're talking about? :-) I.g. direct link of the binary/package
which you have downloaded, tcpdump/windump logs of what you are
observing as 'attacks on several IPs in the internet' etc.


On Mon, Nov 19, 2001 at 09:37:21AM -0800, Ted Hulick wrote:
> I downloaded your package yesterday...I've been in the industry 22 years and I know what I'm doing...
> I didn't alter the configuration, but since it's been downloaded - I've had to kill my network link 3 times...
> I have a high speed cable line...one of my NT machines has launched numerous attacks across the
> internet..and not even machines I contacted...i.e., incremental IP address and Port...
> .how do I know, I have several tools...including a sniffer...
> I think you should take a look at the Windows version of the download...I've seen enough evidence myself
> to suggest it is seriously tainted by someone...it may not be as easy as testing it, as they have maybe
> programmed to make sure it's not a "home address"....it's no joke.
> Like I said, I'm no rookie...I do analyze networks for a living....I'm deleting this code, and the install...
> and I won't recommend this package to anyone until you can explain what happened.
> Feel free to call me...
>    832-687-5200
>    Ted Hulick
> ps- Unless your code is seriously buggy, you have a/some tainted developers playing games.....

More information about the Snort-devel mailing list