<nettime> WEF attack and homework

ricardo dominguez on Thu, 11 Apr 2002 07:46:23 +0200 (CEST)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> WEF attack and homework

To: <nettime-l@bbs.thing.net>
Subject: <nettime> WEF attack and homework
From: "ricardo dominguez" <rdom@thing.net>
Date: Wed, 10 Apr 2002 10:46:44 -0400
Reply-to: "ricardo dominguez" <rdom@thing.net>

Any helpful hints for this poor "intrursion and dection" student?

r

----- Original Message ----- 
From: "Julien Delfosse" <delfosse@student.fsa.ucl.ac.be>
To: <rdom@thing.net>
Sent: Wednesday, April 10, 2002 10:21 AM
Subject: WEF attack


> Hi,
> 
> I'm currently following a course about intrusion
> detection and security with Marc Dacier.
> 
> I had to study your attack against WEF, which is
> quite easy to understand, but the second part
> seems more difficult to me : I have to detect this
> attack (possibly before it's too late) and block
> it if possible.  We're supposed to use snort as
> firewall, but imho it's impossible to detect the
> attack without a statefull firewall (all HTTP
> requests are valid, without stats about traffic
> it's imposiible to do anything)
> 
> Do you have an idea of what I could do with snort
> ?
> 
> Thanks in advance.
> 
> Julien Delfosse

#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@bbs.thing.net and "info nettime-l" in the msg body
#  archive: http://www.nettime.org contact: nettime@bbs.thing.net

Prev by Date: <nettime> Palestina [5x]
Next by Date: Re: <nettime> Palestina [5x]
Previous by thread: Re: <nettime> Palestina [5x]
Next by thread: <nettime> Open Dialog
Index(es):
- Date
- Thread