[Snort-users] anomalous http server
This is a discussion on [Snort-users] anomalous http server within the Snort forums, part of the System Security and Security Related category; -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Pardon my ignorance, but can someone please explain to me this particular signature? ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-18-2004
|
|||
|
|||
[Snort-users] anomalous http server
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 Hi Pardon my ignorance, but can someone please explain to me this particular signature? My understanding of it is that it detects any HTTP traffic on non HTTP ports(by which I'm assuming 80 and the HTTPS port). But since the client's port is never 80, then it basically tags all information that's being sent from the client and sent from the http server(port 80) to the client's browser(port != 80). Any clarifications appreciated -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAMuT8W/g4AbYsjJoRAnkUAJ9i9Yo7s8o388Pxm+t4ETcB3nCakgCeIrFS ngOlYL8OVpyrPEgS/xz37MY= =Hd3P -----END PGP SIGNATURE----- ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
