[Snort-users] Standard questions

Craig Paterson craigp at ...9278...
Fri Aug 6 12:05:09 EDT 2004


Esler, Joel - Contractor wrote:

>We should assign personnel to answering the same questions over and over
>again.  I.E.
>
>"Snort/ACID/PHP/Mysql doesn't work"
>"How can I get Snort to email me alerts?"
>"Oinkmaster is broke"
>"Snort not logging"
>
>And the hits just keep on comin...  
>  
>

Just hang a sensor off Sourceforge sniffing the mail traffic. Someone 
write some (kick-ass) rules to detect the questions coming in and 
generate auto-email responses to the respective requestors. And then we 
spend a while talking about DOS-by-question, the impossibility of 
writing rules that actually do what I describe, that sort of thing...

Craig.




More information about the Snort-users mailing list