Re: [Full-Disclosure] MS should point windowsupdate.com to 127.0.0.1
From: Jeremiah Cornelius (jeremiah_at_nur.net)
Date: 08/15/03
- Previous message: Christopher Lyon: "RE: [Full-Disclosure] msblast DDos counter measures (More Insight Maybe?)"
- In reply to: Paul Schmehl: "RE: [Full-Disclosure] MS should point windowsupdate.com to 127.0.0.1"
- Next in thread: Schmehl, Paul L: "RE: [Full-Disclosure] MS should point windowsupdate.com to 127.0.0.1"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Paul Schmehl" <pauls@utdallas.edu> Date: Fri, 15 Aug 2003 10:34:27 -0700
> BTW, guys, the box was secured over a year ago. Blaster never got it,
> neither did Slammer, Code Red, Nimda, or any of the others. I really
> *wasn't* asking for help. I was *trying to get you to think before
opening
> your mouth and insulting two thirds of the readers of this list. Sadly,
> I'm not sure it worked.
>
Paul,
Yours was EXACTLY the scenario for which HOGWASH - a filtering proxy based
on snort - was written. The hogwash project was eventually due to be folded
back into the mainline snort code base. I don't know if this has happened
yet.
http://hogwash.sourceforge.net/docs/overview.html
-- Jeremiah Cornelius _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Christopher Lyon: "RE: [Full-Disclosure] msblast DDos counter measures (More Insight Maybe?)"
- In reply to: Paul Schmehl: "RE: [Full-Disclosure] MS should point windowsupdate.com to 127.0.0.1"
- Next in thread: Schmehl, Paul L: "RE: [Full-Disclosure] MS should point windowsupdate.com to 127.0.0.1"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
