Roelof JT Jonkman
roel at ...47...
Wed Mar 13 07:44:09 EST 2002
> Thanks for this detail explanation.Does this indicate that in every( WAN )
> case where the delay is more ,the possibility of RST packet, generated by snort,
> reaching the other end increases? That is if the no. of hops are more, it is more
> likely that the snort terminates the connection.
Yes, that would be correct to assume.
> But in any case it is not
Yes, it propably be accurate to say that 9 out of 10 times it works in a WAN
situation. (Somewhere during 1.8.3 Marty changed a bunch of the flexible
response code around so it prebuild's the the RST packets, that did it quite
a bit of good.)
More information about the Snort-users