[Snort-users] Whad'ya do?

Ryan Russell ryan at ...35...
Tue May 8 17:58:21 EDT 2001


On Tue, 8 May 2001 Dave.Hampel at ...1919... wrote:

> I was wondering..... I monitor my firewall logs and I get messages from
> Snort saying someone is scanning my network using FTP or SunRPC source port
> (etc.) Great. Works as advertised. BUT what do you DO about it.
> Has anyone taken measures to actually stop or report these a*holes that are
> wasting bandwidth?

<plug>
You might check out ARIS http://aris.securityfocus.com .  We give you a
way to manage reporting incidents to ISPs, among a number of other
features. It's also a way to be one more count against a particular
attacker even if you don't want to report things yourself.  It's free.
</plug>

				Ryan





More information about the Snort-users mailing list