Re: Statefull Packer Inspection against Malware attacks!
From: Greg Hennessy (me_at_privacy.net)
Date: Tue, 17 Aug 2004 14:37:09 +0100
On Tue, 17 Aug 2004 12:00:58 +0100, Nigel Wade <email@example.com> wrote:
>> Would you trust SecurityFocus' opinion?
>> If not, how about the Netfilter page itself?
>That's almost totally useless in terms of content filtering.
We've tried telling him that.
If one wanted to filter and block http requests in this manner, tools like
snort-inline & snortsam would do the job just nicely.
I must confess a wee chuckle at his assertions that he's used it to block
worm traffic allegedly.
-- Es ist mein Teil - nein Mein Teil - nein Denn das ist mein Teil - nein Mein Teil - nein