[Snort-users] Anyone heard of TCP Drop Records?

Rich Adamson radamson at ...2127...
Mon Feb 18 17:40:02 EST 2002


> I figure it's a test.  ;)
> 
> There is an SNMP command TCP Drop, but I don't think that is it.  The man in
> the middle stuff is probably more likely, it was in the context of IDS, so
> maybe they are referring to monitoring those kinds of attacks.

SNMP has a very limited number of _commands_, and TCP Drop is not one.

Whoever wrote that probably intended to mean initiating some action to
tell a firewall box to drop the offending packet. That would make snort
omnicsient! Cool! Or, maybe its just HR!   ;)

Two more beers!







More information about the Snort-users mailing list