Re: Statefull Packer Inspection against Malware attacks!

From: Greg Hennessy (
Date: 08/17/04

Date: Tue, 17 Aug 2004 14:37:09 +0100

On Tue, 17 Aug 2004 12:00:58 +0100, Nigel Wade <> wrote:

>> Would you trust SecurityFocus' opinion?
>> If not, how about the Netfilter page itself?
>That's almost totally useless in terms of content filtering.

We've tried telling him that.

If one wanted to filter and block http requests in this manner, tools like
snort-inline & snortsam would do the job just nicely.

I must confess a wee chuckle at his assertions that he's used it to block
worm traffic allegedly.


Es ist mein Teil - nein 
Mein Teil - nein 
Denn das ist mein Teil - nein 
Mein Teil - nein 

Relevant Pages