Re: Active Snort Log Analyser
On Tue 2000-11-07 (15:49), Jean-François JOLY wrote:
> Those FireWalls *are* secure today but as I managed many FireWalls
> and don't have time to upgrade them to the latest software more
> than once a year, I'm quite afraid of new holes being found in
bad. a not administrated firewall becomes insecure, there is no way
to deal with this than administrating it.
> Tonight, snort reported me someone from malaysia portscanned my
> subnet and then tried to exploit a bug in ProFTPD. Happily, the
most attacks against the different ftpds I see are direct hit
attemps, the attacker does not portscan, he just attacks whole
subnets if kind of 'brute forcing'.
--
MfG/best regards, helmut springer
delta@FaVeVe.Uni-Stuttgart.DE
Life is a bitch and then you die.
Reply to: