[Snort-users] ask about hack program to go through the firewa ll

Matt Yackley Matt.Yackley at ...5858...
Thu Sep 19 06:34:07 EDT 2002


Try running a vulnerability scanner like Nessus against your firewall.

Yes, you should have an IDS even if the firewall is very strong, I can think
of several reasons:
1. Just because your attempts at hacking the system failed, doesn't mean
that you have tried everything
2. Can be used to keep an eye on your firewall, just in case someone changes
a rule that allows something through
3. What if your firewall has a glitch and lets something through
4. When the next new threat comes out against a service that you are letting
through the firewall, IDS can be used to help find it and define rules to
keep it out
5. Prevention is necessary but detection is a must!

Matt

-----Original Message-----
From: ardi [mailto:reddish41 at ...131...]
Sent: Thursday, September 19, 2002 7:30 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] ask about hack program to go through the firewall


Hi all...
First of all I wanna give a picture the situation I
have here.. right now i have a firewall between my
local network and the internet, and my snort box is
before the firewall and after the firewall.
I wanna test how hard the snort can detect the hacking
programs, but i don't know much about hacking program
out there.
So i just wanna ask if there is someone here that can
give me a clue to find the hacking program to attack
the firewall so i can go through to my local network.
Im doing this just for my experiment on my final
assignment at my university.

My point here is do we need an IDS if the firewall is
strong enough to block the attack..??

Thanks everyone

__________________________________________________
Do You Yahoo!?
Yahoo! Finance - Get real-time stock quotes
http://finance.yahoo.com


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list