[Snort-devel] RE: sp_respond

Smith, Donald Donald.Smith at ...530...
Tue Apr 9 09:56:07 EDT 2002


Jeff, are you planning to include the synscan kill feature in
sp_respond.c.
I noticed it is not in 1.8.6. I am seeing a ramen like worm using
the sshd crc vulnerability and synscan1.6 as its scanning engine.

We could STOP the propagation using the response code (synscan kill).






More information about the Snort-devel mailing list