[Snort-users] Anyone heard of TCP Drop Records?

Jason Lewis jlewis at ...2449...
Mon Feb 18 17:00:04 EST 2002


I figure it's a test.  ;)

There is an SNMP command TCP Drop, but I don't think that is it.  The man in
the middle stuff is probably more likely, it was in the context of IDS, so
maybe they are referring to monitoring those kinds of attacks.

Maybe I should make something up, and test THEM!!  haha

jas

-----Original Message-----
From: Phil Wood [mailto:cpw at ...440...]
Sent: Monday, February 18, 2002 7:41 PM
To: Jason Lewis
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Anyone heard of TCP Drop Records?


News to me too.  You can use a tcp connection to drop records in an sql
database. %^)

Or, you can use the tcp protocol and man in the middle techniques to send
RST
packets to one or both ends of a TCP connection.  He probably got "Drop"
from
conversations which discuss "dropping" a connection.  The word "Records"
seems like a word from the database community.  I use words like "packets",
"frames", "sessions", or "connections" when discussing things Internet.

You could come back at them using correct terminology with something like:

  I assume you mean ...

Later,

On Mon, Feb 18, 2002 at 02:01:29PM -0500, Jason Lewis wrote:
> I just saw this in a job listing.
>
> Must have strong hands-on experience and be familiar with the latest
> security techniques including TCP Drop Records
>
> I think I am pretty up to speed on this kind of stuff, but I can't find
that
> anywhere.
>
> jas
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

--
Phil Wood, cpw at ...440...






More information about the Snort-users mailing list