[Snort-users] FlexResp

Rob Collins robtompc at ...131...
Thu Oct 4 14:53:01 EDT 2001

How does FlexResp work? I don't believe it actually
does (nor can) block packets. I think it works in one
of two basic ways. Either a rule matching a tcp packet
is used, and the appropriate rst_* flag is used to
send forged packets. Or a rule matching a udp packet
is used, and the appropriate icmp_* responce is forged
back to the sender.

"Experience is that marvelous thing that enables you to recognize a mistake when you make it again." -- F. P. Jones

Do You Yahoo!?
NEW from Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month.

More information about the Snort-users mailing list