[Snort-users] FlexResp

Rob Collins robtompc at ...131...
Thu Oct 4 14:53:01 EDT 2001


How does FlexResp work? I don't believe it actually
does (nor can) block packets. I think it works in one
of two basic ways. Either a rule matching a tcp packet
is used, and the appropriate rst_* flag is used to
send forged packets. Or a rule matching a udp packet
is used, and the appropriate icmp_* responce is forged
back to the sender.

=====
--r
"Experience is that marvelous thing that enables you to recognize a mistake when you make it again." -- F. P. Jones

__________________________________________________
Do You Yahoo!?
NEW from Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month.
http://geocities.yahoo.com/ps/info1




More information about the Snort-users mailing list