Date: Fri, 11 May 2001 00:42:09 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Sheldon Hearn <sheldonh@starjuice.net> Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD IDS to babysit Microsoft hosts Message-ID: <20010511004209.A18132@xor.obsecurity.org> In-Reply-To: <70569.989564803@axl.fw.uunet.co.za>; from sheldonh@starjuice.net on Fri, May 11, 2001 at 09:06:43AM %2B0200 References: <70569.989564803@axl.fw.uunet.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
--YiEDa0DAkWCtVeE4 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Fri, May 11, 2001 at 09:06:43AM +0200, Sheldon Hearn wrote: > I want an IDS that uses a "database" of problematic signatures and looks > for those in TCP streams to and from a finite list of hosts on the same > ethernet segment. The signatures I'm particularly interested in are > those that may identify attempts to exploit vulnerabilities in Windows > servers running IIS, pcAnywhare and Cold Fusion. You want snort (in ports) Kris --YiEDa0DAkWCtVeE4 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.5 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6+5fQWry0BWjoQKURAnv+AKC9I5ygBaPAd999jOMymetk2B5D0QCgoGOO +agRUibyAYakuAVTGr/yvLI= =2HSJ -----END PGP SIGNATURE----- --YiEDa0DAkWCtVeE4-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010511004209.A18132>