[Snort-users] few brief w32 questions ...
jeff at ...950...
Thu Jun 26 17:38:08 EDT 2003
-----BEGIN PGP SIGNED MESSAGE-----
- --On Wednesday, June 25, 2003 8:16 -0700 Jon Baer <security at ...9153...>
> ok after reading the book here are a few questions i still have:
> 1. arp preprocessor, not available on w32 yet?
It is available on Windows. I verified this just one moment ago.
> 3. with resp keyword is there anyway to inject a custom packet (either win
> or *nix)?
Right now? No. In the future? Perhaps. Making the packets is easy,
sending them unfortunately blocks the rest of the system. Coming up with a
way to express how a packet should be built within the snort rules language
isn't something I'm ready to dive into.
> - jon
> pgp key: http://www.jonbaer.net/jonbaer.asc
> fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47
http://cerberus.sourcefire.com/~jeff (gpg key available)
Great spirits have always encountered violent opposition from mediocre
- - Albert Einstein
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (Darwin)
-----END PGP SIGNATURE-----
More information about the Snort-users