[Snort-users] third party utility to kill ...
ronneilc at ...4042...
Thu Jan 31 17:10:23 EST 2002
-> -----Original Message-----
-> From: Matt Kettler [mailto:mkettler at ...4108...]
-> Sent: Thursday, January 31, 2002 6:14 PM
-> To: Ronneil Camara
-> Cc: snort-users at lists.sourceforge.net
-> Subject: RE: [Snort-users] third party utility to kill ...
-> Don't belive me that such a bypass is possible? Read a bit about how
-> purposefully sending tcp segments out-of-order helps this:
-> (interestingly that article pointed out a pcap latency bit
-> on BSD variants
-> I was unaware of.)
Ok. This captured my attention since I am running snort on OpenBSD and FreeBSD.
And btw, flexresp doesn't work with Openbsd if snort is run on a stealth
interface. I tried it on 3 different openbsd machine. Though, I only tried it
on Openbsd 3.0. Btw, flexresp works in FreeBSD on a stealth interface.
I'll read that article.
More information about the Snort-users