[Snort-users] using flex response to block auto updates of client software
Glenn Forbes Fleming Larratt
glratt at ...604...
Wed Jan 9 07:50:06 EST 2002
Um...why use flex response as opposed to simply blocking the traffic
from the external host or hosts, using whatever firewall or other
access control you have at your site? What you want to do seems more
a firewall than an IDS task.
On Wed, 9 Jan 2002, Madhav Diwan wrote:
> I would like to put an IDS in place on a proxy server that handles
> mainly tcp connections from several clients to a external service
> provider running a tcp server over nonstandard ports.
More information about the Snort-users