Snort mailing list archives
Re: Anti SpyWare
From: Sam Przyswa <samp () arial-concept com>
Date: Tue, 23 Aug 2005 14:37:30 +0200
Will Metcalf a écrit :
You could use the snort-inline feature set of snort + bleeding-malware.rules from http://www.bleedingsnort.com/bleeding-malware.rules or you could use snort+flexresp+bleeding-malware.flexresponse.rules http://www.bleedingsnort.com/flex-response/bleeding-malware.flexresponse.rules
I will upgrade from my old 2.2 to get the inline mode, at this time I use Guardian to drop the attack IPs but only from the Internet interface, from the LAN there is too much problems...
Thanks a lot for these advices. Sam. -- Ce message a été vérifié par MailScanner pour des virus ou des polluriels et rien de suspect n'a été trouvé. ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Anti SpyWare Sam Przyswa (Aug 22)
- Re: Anti SpyWare Will Metcalf (Aug 22)
- Re: Anti SpyWare Sam Przyswa (Aug 23)
- Re: Anti SpyWare Will Metcalf (Aug 22)