LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page blocking forum spam with snort rule?
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-04-2002, 12:31 PM   #1
JustinHoMi
Member
 
Registered: Apr 2001
Location: Raleigh, NC
Distribution: CentOS
Posts: 154

Rep: Reputation: 30
blocking forum spam with snort rule?

Howdy. My forums got spammed a couple weeks ago, and I was trying to think of methods to keep it from happening again. Would a snort rule be able to accomplish this? I'm fairly new to snort, but I should be able to follow

Thanks,
Justin
 
Old 02-04-2002, 05:50 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Yes, a snort rule could do this, provided you attached some 3rd party app to it thatll handle dispatching fw rules, and if we're to match something in the content field, like a username.
OTOH, it would be crude, but if you can trace 'em back, to just deny usage to their netblock?..

Anyway, some more info on how you handle board logins, how it was flooded, what ip addresses they're sposed to be from, if it's spoofed, etc etc would be welcome.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Help with my snort rule set PixelCloud Linux - Security 1 07-17-2004 01:35 PM
W32/Sober-B worm snort rule????? netmon Linux - Security 1 12-18-2003 02:57 PM
snort rule update script netmon Linux - General 1 10-03-2003 06:31 PM
Snort, P2P rule and 1432 Alert.... shelby Linux - Security 1 06-20-2003 02:10 PM
Snort, test rule, XST unSpawn Linux - Security 0 01-22-2003 06:53 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:59 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration