[Snort-users] Is there a problem with Linux 2.4.0?
ian at ...686...
Thu Jan 11 17:06:49 EST 2001
A useful discussion of ECN as it relates to security:
----- Original Message -----
From: "Ryan Russell" <ryan at ...35...>
To: "Jason Haar" <Jason.Haar at ...294...>
Cc: <snort-users at lists.sourceforge.net>
Sent: Thursday, January 11, 2001 1:09 PM
Subject: Re: [Snort-users] Is there a problem with Linux 2.4.0?
> On Fri, 12 Jan 2001, Jason Haar wrote:
> > Owch - I forgot to mention I was running snort-1.7...
> > The portscanning one is easy for me to block. I should anyway as I run
> > nmap/nessus from there too. But the "probe-Queso Fingerprint attempt"
> > the like would still pop up... I wonder if that rule should be changed
> > match all new Linux systems then... :-)
> I wish I could remember more details, or find the thread in the
> archives... perhaps it was an update to the ruleset, rather than Snort
> itself? Or perhaps I've just misidentified the problem entirely.. but I
> do recall the newer kernels were setting of IDS systems.
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
More information about the Snort-users