Re: [Snort-users] Using Snort & DB to remove false alarms

From: Brian (bmcsnort.org)
Date: Tue Apr 06 2004 - 19:29:43 CDT


On Wed, Apr 07, 2004 at 11:31:44AM +1200, Jason Haar wrote:
> I think this is an excellent idea - but it's a wheel that shouldn't be
> re-invented.
>
> Nessus had exactly this issue to contend with, so all that can be stolen
> should be from it to do it right.

Uh, not really. Nessus attempts to retrieve a page that doesn't exist,
forcing the issue on checking 404 banners. If you don't do that, how
would you ever know that the "OK 200" that you get back is really an OK?

Brian
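
The check described in the message above, sketched as an added example (not part of the original post and not Nessus's own code): ask for a path that cannot exist, record how the server answers, and trust a later "200 OK" only if it does not look like that answer. The function names, the 0.9 similarity threshold and the sample responses are assumptions constructed for illustration.

```python
import difflib
import uuid


def random_missing_path():
    """Hypothetical helper: a path that should not exist on any server."""
    return "/" + uuid.uuid4().hex + ".html"


def normalise(body, path):
    """Drop the requested path that error pages echo back, then fold case."""
    return body.replace(path, "").strip().lower()


def classify(probe, baseline, threshold=0.9):
    """Decide whether a probe response is a real hit.

    probe / baseline are dicts with 'path', 'status' and 'body'; baseline is
    the server's answer to a path known not to exist.
    """
    if probe["status"] == 404:
        return "not-found"
    if probe["status"] != 200:
        return "other"
    if baseline["status"] == 404:
        # The server reports missing pages honestly, so a 200 means a 200.
        return "found"
    # The server also says 200 for missing pages: compare against that page.
    ratio = difflib.SequenceMatcher(
        None,
        normalise(probe["body"], probe["path"]),
        normalise(baseline["body"], baseline["path"]),
        autojunk=False,
    ).ratio()
    return "soft-404" if ratio >= threshold else "found"


# Constructed sample responses (not captured from any real server).
HONEST_BASELINE = {"path": "/zz9f3.html", "status": 404, "body": "Not Found"}
SOFT_BASELINE = {"path": "/zz9f3.html", "status": 200,
                 "body": "<html><h1>Sorry</h1>The page /zz9f3.html could not be found.</html>"}
PROBE_MISSING = {"path": "/cgi-bin/test.cgi", "status": 200,
                 "body": "<html><h1>Sorry</h1>The page /cgi-bin/test.cgi could not be found.</html>"}
PROBE_REAL = {"path": "/index.html", "status": 200,
              "body": "<html><h1>Welcome</h1>Company home page with news and contact details.</html>"}

if __name__ == "__main__":
    print(classify(PROBE_MISSING, SOFT_BASELINE))  # soft-404
    print(classify(PROBE_REAL, SOFT_BASELINE))     # found
```

Without the baseline request, `PROBE_MISSING` is indistinguishable from a successful fetch, which is the false alarm the thread is about.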
