On Tue, 22 Feb 2005 12:53:50 -0800, snort-users-request@xxxxxxxxxxxxxxxxxxxxx <snort-users-request@xxxxxxxxxxxxxxxxxxxxx> wrote: > See, at first I decided I would use this Squil IDS thing but that crazy > Russian guy that wrote down the docs said I needed to keep every packet > in a database (who has time for being a packet rat like that?) to make > sure I don't get hackered by the nerds! Well that makes a whole hell of > a lot of sense! If you keep them online in a database and you get hacked > then the hacker will be able to just copy and paste them packets and > whammo! Instant replay attack! Maybe I should I gift wrap them too? > Smart thinking there you Bolshevik dundernuts! First Northcut drops his > drawers at SANS and now this Betjitch guy wants to pinch it off for the > hackers! His book should be called Tao of Network Reach-arounds! > This is funny. Russian is close, but I think my heritage lies a little farther west of Moscow. :) Sguil does try to log packets to collect full content data, but never to a database Billy boy! That's Silent Runner, not Sguil. I'm glad you liked my book. I'm working on a sequel you'll love. Richard Bejtlich http://www.taosecurity.com ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users@xxxxxxxxxxxxxxxxxxxxx Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users