[Snort-users] Whad'ya do?
ryan at ...35...
Tue May 8 17:58:21 EDT 2001
On Tue, 8 May 2001 Dave.Hampel at ...1919... wrote:
> I was wondering..... I monitor my firewall logs and I get messages from
> Snort saying someone is scanning my network using FTP or SunRPC source port
> (etc.) Great. Works as advertised. BUT what do you DO about it.
> Has anyone taken measures to actually stop or report these a*holes that are
> wasting bandwidth?
You might check out ARIS http://aris.securityfocus.com . We give you a
way to manage reporting incidents to ISPs, among a number of other
features. It's also a way to be one more count against a particular
attacker even if you don't want to report things yourself. It's free.
More information about the Snort-users