Glenn Mansfield Keeni
glenn at ...1085...
Fri Dec 5 17:01:00 EST 2003
We have checked and cleaned the SnortSnmp code for potential
vulnerabilities. [replaced sprintf by snprintf, strcpy by
strncpy etc.]. The upgrades for the SnortSnmp output plugin
corresponding to Snort versions 2.0.[2-5] are available from
We have also added a throttling mechanism for SNMP alerts.
In case there is a direct or indirect DoS attack on the IDS
system itself. Only MAXALERTSINONESEC alerts per second will
be generated. If MAXALERTSINONESEC == 0 this feature is turned
off. (MAXALERTSINONESEC is defined in src/output-plugins/spo_SnmpTrap.c. )
We will be happy if the source can be folded back into to
snort-core. If there is something that remains to be done please
let us know.
Thanks and Cheers
More information about the Snort-devel