[Snort-users] Hello

akos.daniel at ...14798... akos.daniel at ...14798...
Thu Apr 1 05:27:07 EDT 2010


And another questions:
What kind of protocol/application would you control? http? ftp? smtp?
pop3? chat programs?...
And what would you do with https or ssh? or renamed and archived and
password protected or encrypted exe files?

I think snort would not be an explicit solution for this.
I would check the solutions for end-host protection first and then go on
with security from the network side. Instead of IDS I would look for
network proxies (example http or ftp proxy) where you can scan all files
and identify the types..

> Hello everybody
>   I am vishesh and new for this list as well as for snort. snort is
> really an excellent software for IDS.
>     My query is i want to monitor exe downloads in my network, how can
> i achieve that ?
>
> Thanks
>
>
>
>
> --
> http://linuxinterviews.blogspot.com
>
> ------------------------------------------------------------------------------
> Download Intel® Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>






More information about the Snort-users mailing list