[Snort-users] monitoring who is monitoring you with snort (just a bit off topic)
bmc at ...312...
Fri Nov 24 19:52:50 EST 2000
mike johnson wrote:
> has anyone tried to build rules to monitor what some of the marketing
> companies are gathering about you as you browse the internet? companies
> like doubleclick, alexa, exactis, digital impact, responsys.
> this could be a whole new use for snort. granted, not the primary function
> of snort, but a very useful use for home users.
Well, I would prefer to use something that would parse the HTML a bit
There are many ways to hide "webbugs" into pages. The best one I have
as follows. A 1x1 GIF was included into an HTML file, but the GIF was
of invisable. It was included by an <img src=something.html> that had a
that set the max size for the GIF to 1x1. Its too bad that most
browsers (well, all
that I know of) would not render it. Browsers would go to the page
AdZap  has done a decent job at getting many of the lame web ads,
be using a caching proxy server, adding in something like AdZap would be
easy. Then just log everything from "AdZap" to your IDS logs.
Of course, if you do something silly like browse CNN.com your logs will
The MITRE Corporation
More information about the Snort-users