From: Fyodor (fygrave@tigerteam.net)
Date: Wed Mar 28 2001 - 13:55:49 CST
FYI :)
----- Forwarded message from sniph <sniph00@YAHOO.COM> -----
From: sniph <sniph00@YAHOO.COM>
Date: Tue, 27 Mar 2001 02:20:50 -0800
To: FOCUS-IDS@SECURITYFOCUS.COM
Subject: Announce: snot 0.85a released
Reply-To: sniph <sniph00@YAHOO.COM>
Announcing the release of snot 0.85a, a general
purpose snort alert generator and all round nids decoy
tool.
Download snot from http://www.geocities.com/sniph00
snot allows unix and windows users to trigger
arbitrary snort alerts, by reading a snort rules file.
source and destination addresses can be overridden at
the command line, or read as input from the snort
rules. It requires libnet to be installed, and on
windows also the pcap driver from Politecnico di
Torino. Read the readme.txt for more information.
This tool has been known to annoy your system
administrator, fill people's hard disks, make it
terribly frustrating to identify attackers, and kill
realsecure sensors.
It is alpha code, and whilst it has been tested to run
cleanly on nt4, nt2k, redhat and openbsd, it still has
bugs - if you find them, i'll try and fix them.
If anyone has any mechanisms for getting the triggers
out of realsecure, NetworkICE, or any other NIDS,
please mail me.
How is the NIDS industry going to fix this? Stateful
inspection for tcp.. NIDS behind firewall.. make
triggers response based only.. only one thing is for
sure, pattern matching is only part of the solution.
Please contact me for all suggestions, patches,
comments or abuse at sniph00@yahoo.com
thanks to 3rr0r for help getting this to market,
Victoria Bitter for helping delay this, and that guy
that wrote stick for beating me to the punch.
----- End forwarded message -----
--
http://www.notlsd.net
PGP fingerprint = 56DD 1511 DDDA 56D7 99C7 B288 5CE5 A713 0969 A4D1
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users