[Snort-users] Snort's Defense Against Stick

ktimm at ...651... ktimm at ...651...
Mon Mar 19 15:01:37 EST 2001


All this would not be a problem if network admins would do egress
filtering on the routers. This would prety much defeat the spoofed DOS
attack of network equipment. As far as stick goes it uses a default snort
config to generate packets. If your default config file is changed and
narrowed down (If you are only protecting windows web servers use rules
specific to that) you should be able to significantly reduce the
effectiveness of stick. 

On Mon, 19 Mar 2001, Lampe, John W. wrote:

> 
> http://www.eurocompton.net/stick/
> 
> John Lampe
> 
> -----Original Message-----
> From: Ron 'The InSaNe One' Rosson [mailto:insane at ...321...]
> Sent: Monday, March 19, 2001 10:29 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] Snort's Defense Against Stick
> 
> 
> With the weekend talk of a new program soon hitting the streets called
> 'STICK', I was wondering how snort was going to stand up against it.
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 





More information about the Snort-users mailing list