Snort mailing list archives
Re: Snort inline timeout
From: Frank Knobbe <frank () knobbe us>
Date: Thu, 30 Jul 2009 15:05:00 -0500
On Thu, 2009-07-30 at 12:28 -0400, Joel Esler wrote:
Snortsam is an "after attack" enforcement system. Snort inline deals with the attack during.
I take offense with that statement :) Snortsam is an "after packet" enforcement system, while Snort Inline deals with the packets. Snortsam is well suited to stop brute force attacks. But the initial packet or packets (however many required for the signature to fire) will go through. Cheers, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort inline timeout guerrilha (Jul 29)
- Re: Snort inline timeout Joel Esler (Jul 29)
- Re: Snort inline timeout Will Metcalf (Jul 29)
- Re: Snort inline timeout guerrilha (Jul 29)
- Re: Snort inline timeout Joel Esler (Jul 30)
- Re: Snort inline timeout guerrilha (Jul 30)
- Re: Snort inline timeout Joel Esler (Jul 30)
- Re: Snort inline timeout Will Metcalf (Jul 30)
- Re: Snort inline timeout Frank Knobbe (Jul 30)
- Re: Snort inline timeout Joel Esler (Jul 30)
- Re: Snort inline timeout guerrilha (Jul 29)