RE: [Snort-users] RE: Attack on snort running in Public Zone
This is a discussion on RE: [Snort-users] RE: Attack on snort running in Public Zone within the Snort forums, part of the System Security and Security Related category; This is a multi-part message in MIME format. ------=_NextPart_000_0060_01C3AB5D.D61DA0C0 Content-Type: text/plain; charset="us-ascii" ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
11-15-2003
|
|||
|
|||
RE: [Snort-users] RE: Attack on snort running in Public Zone
This is a multi-part message in MIME format.
------=_NextPart_000_0060_01C3AB5D.D61DA0C0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Michael, I guess your question is for James ? Regards KS -----Original Message----- From: snort-users-admin@lists.sourceforge.net [mailto:snort-users-admin@lists.sourceforge.net]On Behalf Of Michael Steele Sent: Saturday, November 15, 2003 8:46 AM To: snort-users@lists.sourceforge.net Subject: RE: [Snort-users] RE: Attack on snort running in Public Zone KS, Is this is a real solution or just a waste of bandwidth? Maybe there was a point here I didn't get? Cheers... -Michael Steele -- System Engineer / Security Support Technician mailto:michaels@winsnort.com Website: http://www.winsnort.com Snort: Open Source Network IDS - http://www.snort.org > -----Original Message----- > From: snort-users-admin@lists.sourceforge.net [mailto:snort-users- > admin@lists.sourceforge.net] On Behalf Of james > Sent: Friday, November 14, 2003 4:54 PM > To: snort-users@lists.sourceforge.net > Subject: Re: [Snort-users] RE: Attack on snort running in Public Zone > > Well, don't run in on a OS that can be DoS'ed. > > > ----- Original Message ----- > From: "KS" <kanwaljeet@emind.com> > To: <snort-users@lists.sourceforge.net> > Sent: Tuesday, November 11, 2003 8:15 AM > Subject: [Snort-users] RE: Attack on snort running in Public Zone > > > : Is anyone out there who can help ???????? > : > : > : -----Original Message----- > : From: KS [mailto:kanwaljeet@emind.com] > : Sent: Monday, November 10, 2003 8:48 PM > : To: snort-users@lists.sourceforge.net > : Subject: Attack on snort running in Public Zone > : > : > : Helllo Everybody. > : > : I have snort running on win2k and it is working fine so far.I had > placed > : it in DMZ to monitor the malicious traffic passing through firewall and > Now > : i want to put another snort win2k system in Public zone i.e in between > my > : router and firewall so i can know which traffic is actually hitting the > : outside interface of my firewall. > : My concern is : Since my snort system ( win2k ) is gonna be on public > IP > : address , what will happen if somebody runs a Denial of service attack > on my > : snort system itself. > : How can i be sure that my snort system running on win2k is safe from > DOS > : attack ? > : > : Thanks > : KS > : > > > ------------------------------------------------------- > This SF. Net email is sponsored by: GoToMyPC > GoToMyPC is the fast, easy and secure way to access your computer from > any Web browser or wireless device. Click here to Try it Free! > https://www.gotomypc.com/tr/OSDN/AW/...=mm/g22lp.tmpl > _______________________________________________ > Snort-users mailing list > Snort-users@lists.sourceforge.net > Go to this URL to change user options or unsubscribe: > https://lists.sourceforge.net/lists/...fo/snort-users > Snort-users list archive: > http://www.geocrawler.com/redir-sf.p...st=snort-users ------------------------------------------------------- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/...=mm/g22lp.tmpl _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users ------=_NextPart_000_0060_01C3AB5D.D61DA0C0 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD><TITLE></TITLE> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Dus-ascii"> <META content=3D"MSHTML 6.00.2600.0" name=3DGENERATOR></HEAD> <BODY> <P><FONT size=3D2>Michael,<BR><BR>I guess your question is for James=20 ?<BR><BR>Regards<BR>KS<BR><BR>-----Original Message-----<BR>From:=20 snort-users-admin@lists.sourceforge.net<BR>[<A=20 href=3D"mailto:snort-users-admin@lists.sourceforge.net">mailto:snort-user= s-admin@lists.sourceforge.net</A>]On=20 Behalf Of Michael<BR>Steele<BR>Sent: Saturday, November 15, 2003 8:46 = AM<BR>To:=20 snort-users@lists.sourceforge.net<BR>Subject: RE: [Snort-users] RE: = Attack on=20 snort running in Public Zone<BR><BR><BR>KS,<BR><BR>Is this is a real = solution or=20 just a waste of bandwidth?<BR><BR>Maybe there was a point here I didn't=20 get?<BR><BR>Cheers...<BR><BR>-Michael Steele<BR>--<BR> System = Engineer /=20 Security Support Technician <BR> <A=20 href=3D"mailto:michaels@winsnort.com">mailto:micha els@winsnort.com</A>&nb= sp; <BR> Website:=20 <A href=3D"http://www.winsnort.com"=20 target=3D_blank>http://www.winsnort.com</A><BR> Snort: Open Source = Network=20 IDS - <A href=3D"http://www.snort.org"=20 target=3D_blank>http://www.snort.org</A><BR><BR><BR>> -----Original=20 Message-----<BR>> From: snort-users-admin@lists.sourceforge.net [<A=20 href=3D"mailto:snort-users-">mailto:snort-users-</A><BR>>=20 admin@lists.sourceforge.net] <STRONG>On Behalf Of james<BR></STRONG>> = Sent:=20 Friday, November 14, 2003 4:54 PM<BR>> To:=20 snort-users@lists.sourceforge.net<BR>> Subject: Re: [Snort-users] RE: = Attack=20 on snort running in Public Zone<BR>><BR>> Well, don't run in on a = OS that=20 can be DoS'ed.<BR>><BR>><BR>> ----- Original Message = -----<BR>>=20 From: "KS" <kanwaljeet@emind.com><BR>> To:=20 <snort-users@lists.sourceforge.net><BR>> Sent: Tuesday, = November 11,=20 2003 8:15 AM<BR>> Subject: [Snort-users] RE: Attack on snort running = in=20 Public Zone<BR>><BR>><BR>> : Is anyone out there who can help=20 ????????<BR>> :<BR>> :<BR>> : -----Original = Message-----<BR>> :=20 From: KS [<A=20 href=3D"mailto:kanwaljeet@emind.com">mailto:kanwal jeet@emind.com</A>]<BR>= > :=20 Sent: Monday, November 10, 2003 8:48 PM<BR>> : To:=20 snort-users@lists.sourceforge.net<BR>> : Subject: Attack on snort = running in=20 Public Zone<BR>> :<BR>> :<BR>> : Helllo = Everybody.<BR>>=20 :<BR>> : I have snort running on win2k and it is working = fine so=20 far.I had<BR>> placed<BR>> : it in DMZ to monitor the malicious = traffic=20 passing through firewall and<BR>> Now<BR>> : i want to put another = snort=20 win2k system in Public zone i.e in between<BR>> my<BR>> : router = and=20 firewall so i can know which traffic is actually hitting the<BR>> : = outside=20 interface of my firewall.<BR>> : My concern is : = Since my=20 snort system ( win2k ) is gonna be on public<BR>> IP<BR>> : = address , what=20 will happen if somebody runs a Denial of service attack<BR>> on = my<BR>> :=20 snort system itself.<BR>> : How can i be sure that my = snort=20 system running on win2k is safe from<BR>> DOS<BR>> : attack = ?<BR>>=20 :<BR>> : Thanks<BR>> : KS<BR>>=20 :<BR>><BR>><BR>>=20 -------------------------------------------------------<BR>> This SF. = Net=20 email is sponsored by: GoToMyPC<BR>> GoToMyPC is the fast, easy and = secure=20 way to access your computer from<BR>> any Web browser or wireless = device.=20 Click here to Try it Free!<BR>> <A=20 href=3D"https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=3Dmm/g= 22lp.tmpl"=20 target=3D_blank>https://www.gotomypc.com/tr/OSDN/AW/...t/g22lp?Targe= t=3Dmm/g22lp.tmpl</A><BR>>=20 _______________________________________________<BR >> Snort-users = mailing=20 list<BR>> Snort-users@lists.sourceforge.net<BR>> Go to this URL to = change=20 user options or unsubscribe:<BR>> <A=20 href=3D"https://lists.sourceforge.net/lists/listinfo/snort-users"=20 target=3D_blank>https://lists.sourceforge.net/lists/listinfo/snort-users<= /A><BR>>=20 Snort-users list archive:<BR>> <A=20 href=3D"http://www.geocrawler.com/redir-sf.php3?list=3Dsnort-users"=20 target=3D_blank>http://www.geocrawler.com/redir-sf.p...=3Dsnort-user= s</A><BR><BR><BR><BR><BR>------------------------------------------------= -------<BR>This=20 SF. Net email is sponsored by: GoToMyPC<BR>GoToMyPC is the fast, easy = and secure=20 way to access your computer from<BR>any Web browser or wireless device. = Click=20 here to Try it Free!<BR><A=20 href=3D"https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=3Dmm/g= 22lp.tmpl"=20 target=3D_blank>https://www.gotomypc.com/tr/OSDN/AW/...t/g22lp?Targe= t=3Dmm/g22lp.tmpl</A><BR>____________________________________________ ___<= BR>Snort-users=20 mailing list<BR>Snort-users@lists.sourceforge.net<BR>Go to this URL to = change=20 user options or unsubscribe:<BR><A=20 href=3D"https://lists.sourceforge.net/lists/listinfo/snort-users"=20 target=3D_blank>https://lists.sourceforge.net/lists/listinfo/snort-users<= /A><BR>Snort-users=20 list archive:<BR><A=20 href=3D"http://www.geocrawler.com/redir-sf.php3?list=3Dsnort-users"=20 target=3D_blank>http://www.geocrawler.com/redir-sf.p...=3Dsnort-user= s</A><BR></FONT></P></BODY></HTML> ------=_NextPart_000_0060_01C3AB5D.D61DA0C0-- ------------------------------------------------------- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/...=mm/g22lp.tmpl _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
