robtompc at ...131...
Thu Oct 4 14:53:01 EDT 2001
How does FlexResp work? I don't believe it actually
does (nor can) block packets. I think it works in one
of two basic ways. Either a rule matching a tcp packet
is used, and the appropriate rst_* flag is used to
send forged packets. Or a rule matching a udp packet
is used, and the appropriate icmp_* responce is forged
back to the sender.
"Experience is that marvelous thing that enables you to recognize a mistake when you make it again." -- F. P. Jones
Do You Yahoo!?
NEW from Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month.
More information about the Snort-users