ams67 at ...3655...
Mon Dec 2 13:48:02 EST 2002
IMAO IDSs should not interfere with FWs. If I spoof my IP address with
your current, e.g. DNS server and send a forged packet with an attack
signature to your network protected by your IDS/FW integrated system I
can create an easy DoS by stopping legal and operational traffic.
That is really easy to accomplish (e.g. nmap -D your.good.dns.server,
My 2 cents
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Mike
Sent: Wednesday, 27 November 2002 6:48 a.m.
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] SHUN
Does SNORT support adding commands to firewalls? As an example, if I
received a BAD packet, I would like to add a filter based on that
information to my firewall. I understand that SNORT cannot decide which
packets are bad, but I would think we would be able to trace an issue
the command has been executed.
Thanks in advance,
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power & Color in a compact size!
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users