Snort mailing list archives
Re: Include details of payload in log message?
From: Toby Riddell <toby.riddell () prevtec com>
Date: Sun, 12 Jun 2016 13:07:18 -0400
That's a good point! But for the time being I'd rather detect than prevent, prevention will come later. On Jun 12, 2016 12:20 PM, <wkitty42 () windstream net> wrote:
On 06/12/2016 06:54 AM, Toby Riddell wrote:Hi, I want to detect activity by bittorrent clients on my home network. Whentheystart they open a port from the Internet using UPnP IGD, a samplepayload is: from one old BOfH, if you disable that security hole known as uPNP, they can't do that and you won't have to worry about your network security being compromised by any uPNP program opening any ports it wants ;) -- NOTE: No off-list assistance is given without prior approval. *Please keep mailing list traffic on the list* unless private contact is specifically requested and granted. ------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Include details of payload in log message? Toby Riddell (Jun 12)
- Re: Include details of payload in log message? wkitty42 (Jun 12)
- Re: Include details of payload in log message? Toby Riddell (Jun 12)
- Re: Include details of payload in log message? wkitty42 (Jun 12)