www.nettime.org
Nettime mailing list archives

[Nettime-bold] WEF attack and homework
ricardo dominguez on Wed, 10 Apr 2002 16:49:01 +0200 (CEST)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Nettime-bold] WEF attack and homework


Any helpful hints for this poor "intrursion and dection" student?

r

----- Original Message ----- 
From: "Julien Delfosse" <delfosse {AT} student.fsa.ucl.ac.be>
To: <rdom {AT} thing.net>
Sent: Wednesday, April 10, 2002 10:21 AM
Subject: WEF attack


> Hi,
> 
> I'm currently following a course about intrusion
> detection and security with Marc Dacier.
> 
> I had to study your attack against WEF, which is
> quite easy to understand, but the second part
> seems more difficult to me : I have to detect this
> attack (possibly before it's too late) and block
> it if possible.  We're supposed to use snort as
> firewall, but imho it's impossible to detect the
> attack without a statefull firewall (all HTTP
> requests are valid, without stats about traffic
> it's imposiible to do anything)
> 
> Do you have an idea of what I could do with snort
> ?
> 
> Thanks in advance.
> 
> Julien Delfosse
> 

_______________________________________________
Nettime-bold mailing list
Nettime-bold {AT} nettime.org
http://amsterdam.nettime.org/cgi-bin/mailman/listinfo/nettime-bold