[Snort-users] The truth about Napster

Shockley, Steve Steve.Shockley at ...378...
Tue Oct 3 16:32:08 EDT 2000


Well, there's a subtle difference between "detecting security risks" and
"detecting misuse of the network."  I wrote a rule to detect GnuTella data,
not so much because I believe that GnuTella is a particular security risk,
but because I want to be able to tell my users "Hey, don't waste bandwidth
downloading MP3s during work hours" (and make them a little paranoid in the
process).

-----Original Message-----

	Thanks for all the info about the Large ICMP packets issue.

	Well, I hope this question is not too off-topic, but I started to
get Napster alerts from snort ("Napster 7777 Data"). One of my users had 
installed Napster in a Linux box in which he has root priviledges.

	I've being trying to gather some info about the real risks of
running Napster but found nothing very conclusive except for occasional
bugs. I want to be able to decide if I can allow hime to run Napster or
not, i.e. if it's safe to run it, and if not, I would like to have the
right arguments. 

	I guess that if there is a rule for Napster it means that Napster
is dangerous. Can you point out some references/opinions on this?

	Thanks.



More information about the Snort-users mailing list