[Snort-users] ask about hack program to go through the firewall

Jon Quiros jquiros at ...6668...
Thu Sep 19 06:47:05 EDT 2002


oops.  you were looking for attack programs.  i'd look via altavista or
google for something like "+hack +download"
they're not too hard to find but i wouldn't trust them being backdoor free
or the like.  also on some networks you might be pointed out for using them,
so be weary.

i hope this helps.

> ardi,
> some thought from a non-expert:
>
> ardi wrote:
>
> > Hi all...
> > First of all I wanna give a picture the situation I
> > have here.. right now i have a firewall between my
> > local network and the internet, and my snort box is
> > before the firewall and after the firewall.
> > I wanna test how hard the snort can detect the hacking
> > programs, but i don't know much about hacking program
> > out there.
>
> big topic.  there are many attacks, and more to come.  some snort or any
> IDS won't know about.  that's why signatures are updated and it's very
> helpful to contribute with snort-sigs.
>
> >
> > So i just wanna ask if there is someone here that can
> > give me a clue to find the hacking program to attack
> > the firewall so i can go through to my local network.
> > Im doing this just for my experiment on my final
> > assignment at my university.
> >
> > My point here is do we need an IDS if the firewall is
> > strong enough to block the attack..??
>
> just like many attacks (most actually) occur from the inside, many
> attacks occur over paths/connections that the firewall allows in and
> must allow in for public services you wish to offer.
>
> from what i understand, i can think of one firewall strong enough to
> block any attack.  except it's not a firewall.  really, it would mean
> being disconnected from what you wish to protect things from.  picture a
> firewall with no power (acor dc), or a cleanly cut ethernet cable in a
> single critical data path, but if you've got that 100% fully functional
> and secure firewall setting going I'd say you've got other problems :)
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users






More information about the Snort-users mailing list