[Snort-users] SQUID scan proxy attempt
This is a discussion on [Snort-users] SQUID scan proxy attempt within the Snort forums, part of the System Security and Security Related category; Hi I'm new to snort and i had setup a very simple test configuration. In short, i run squid ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-22-2004
|
|||
|
|||
[Snort-users] SQUID scan proxy attempt
Hi
I'm new to snort and i had setup a very simple test configuration. In short, i run squid on 192.168.0.1 (and apache, snort with acid and so on...) and i have a win98(192.168.0.2) client that access the internet via this proxy server (192.168.0.1). Snort is detecting this access (from 192.168.0.2 to 192.168.0.1) as a "SCAN squid proxy attempt". We know it's not what's really happening. The server 192.168.0.1 has no firewall rules. The only access control is done with squid. Could anyone give an insight about this problem? Thanks in advance to anyone of you. -- POP. Nem parece internet grátis. Seja POP você também! Acesse: http://www.pop.com.br/discador.html e baixe o POPdiscador. ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
