No subject


Thu Nov 23 16:36:19 EST 2017


a service.
Wanna DOS a service? If a site uses active Firewall
reconfiguration
you simply have to send lots and lots of spoofed
attacks and the whole
damned
Internet will be unable to connect to the site (okay,
maybe this is somewhat
exaggerated, but you *really* can generate a lot of
trouble).

But this is just my humble opinion and, as I said - I
am a newbie and maybe
I just did not configure my IDS properly - well it
should not have such
default settings in the first place.

BTW: I will *not* recommend usage of active response
in my diploma thesis.
It's so difficult to keep track of those blocking
rules.

IDS is expensive and you usually have a hard time
justifying that you need
xxxxx$ again
for additional Sensors and stuff. So if you _ever_
cause network problems
because your IDS blocks legitimate connections for
whatever reason, your job
will get a lot more unpleasent for you and you can
forget that additional money
you need for your IDS ;)

Greetings,
D. Liesen



Erek spoke:

<flailing robot arms>

      DANGER!  DANGER!  DANGER WILL ROBINSON!  [0]

</flailing robot arms>


-- 
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net


_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


__________________________________________________
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://taxes.yahoo.com/




More information about the Snort-users mailing list