[Gllug] latest zero day Word flaw
Chris Bell
chrisbell at overview.demon.co.uk
Fri Dec 8 09:36:10 UTC 2006
On Thu 07 Dec, - Tethys wrote:
>
> On 12/7/06, Chris Bell <chrisbell at overview.demon.co.uk> wrote:
>
> > I am running a firewall with the Snort intrusion detection system
>
> Just curious... what good does it do you? I've always been somewhat
It does supply a report as well as block, and yes, I have reported
attacks to the relevant ISPs. It can also watch for signs of infection on
local machines through outgoing checks. Unfortunately some are fairly recent
additions to the range of checks, and last year it failed to spot that
someone was using a M$ PC infected with a keylogger. I do not know all the
vulnerabilities, especially those that apply to a system that I do not use
myself, there have been over 8000 check rules. I can see other details, such
as traffic information, it can do some traffic shaping, port forwarding,
etc. Some items can be checked through other facilities, but IPCop is a
system which is simple to install, configure, and use, and if a few more
sites had something similar it might reduce some of the junk on the
internet.
--
Chris Bell
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list