Date: Fri, 11 May 2001 00:42:09 -0700
From: Kris Kennaway
To: Sheldon Hearn
Cc: freebsd-questions@freebsd.org
Subject: Re: FreeBSD IDS to babysit Microsoft hosts
Message-ID: <20010511004209.A18132@xor.obsecurity.org>
References: <70569.989564803@axl.fw.uunet.co.za>

On Fri, May 11, 2001 at 09:06:43AM +0200, Sheldon Hearn wrote:

> I want an IDS that uses a "database" of problematic signatures and looks
> for those in TCP streams to and from a finite list of hosts on the same
> ethernet segment. The signatures I'm particularly interested in are
> those that may identify attempts to exploit vulnerabilities in Windows
> servers running IIS, pcAnywhere and Cold Fusion.

You want snort (in ports)

Kris