[Snort-users] Multiple networks and port-scanning...
cec at ...68...
Wed Jul 26 12:17:33 EDT 2000
Doh! of course. We have many (usually) more addresses to play w/ in this
space. This should be a simple hack. I may write it up this afternoon to
manage my networks. Of course I'll post to the list.
Great idea, thanks.
On Wed, 26 Jul 2000, Christian Hammers wrote:
> On Wed, Jul 26, 2000 at 12:09:13PM -0400, Christopher Cramer wrote:
> > Clever! But any thoughts on how you would know which machine was under
> > attack?
> Surely, just renumber them, making
> 22.214.171.124/24 -> 10.1.0.0/24 and
> 126.96.36.199/19 -> 10.2.0.0/19 etc.
> and match for 10.0.0.0/8.
> If you actually write such a renumber preprocessor, please post it to
> the list!
> > -Chris
> Christian Hammers WESTEND GmbH - Aachen und Dueren Tel 0241/701333-0
> ch at ...139... Internet & Security for Professionals Fax 0241/911879
> WESTEND ist CISCO Systems Partner - Premium Certified
More information about the Snort-users