[Snort-users] Secure - NSLOOKUP
Scott A. McIntyre
scott at ...1050...
Sun Jan 28 16:30:44 EST 2001
> I'm also in complete agreement that it is TOTALLY not snort's job to do DNS
> lookups on addresses. I mean, who runs Apache with HostNameLookup turned on?
> [if yes - you're site must be pretty low-volume]
> This "problem" needs the same solution as Apache uses - namely build the DNS
> lookups into the analysis tools - not the actual processor itself.
It would be nice, at times, during a snort replay (-r) to have DNS
enabled for the sake of visual/mental convenience.
More information about the Snort-users