Security Basics mailing list archives
Re: Probs on port 3123
From: Patrick Boucher <pboucher () gardienvirtuel com>
Date: Fri, 13 Jun 2003 17:05:54 -0400
Greetings, Yes Snort is very good but gives a lot of False possitive, don't you think? BTW, is it getting sent on the mailing list ? Patrick chort wrote:
Learn to ignore it. I've had several broadband providers and I always make sure to keep my logview running when my workstation is on (one of these days I'll import the MIBs to my Linux box so I'll have real logging). Any way, the point is I get never-ending streams of attempted IIS exploits, SQL exploits, etc. As long as the firewall is dropping the connection you have nothing to worry about. The stuff you *do* have to worry about is unexplained traffic to ports you are running services on. Snort is considered to be a pretty good free NIDS that you could deploy if you're concerned about watching your services.
-- Patrick Boucher Tél.: (450) 967-1617 Télec.: (450) 967-2641 --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare.Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
Current thread:
- Re: Probs on port 3123 Dominick.S (Jun 13)
- Re: Probs on port 3123 chort (Jun 13)
- Re: Probs on port 3123 Patrick Boucher (Jun 13)
- Re: Probs on port 3123 chort (Jun 13)