[Snort-users] [Q] Socks server - NEWBIE!!!

Martin Roesch roesch at ...421...
Wed Jan 3 23:27:48 EST 2001


I'm not sure what you're asking for here.  Are you looking for some sort
of host based traffic analysis capability, or are you looking to filter
out all the traffic except that to your socks server?

     -Marty


mitiste at ...1065... wrote:
> 
>         I have a question for the gurus: is there any way I could
> possibly reduce/filter the "noise" coming from monitoring a proxy
> server with socks services enabled (as those services could be
> picking up any port), by - perhaps - running in parallel a "netstat-
> sort-of" command, and comparing real socks connections with
> possible exploit attempts?
> 
> TIA,
> Stef
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/mailman/listinfo/snort-users

--
Martin Roesch
roesch at ...421...
http://www.snort.org




More information about the Snort-users mailing list