官網放出用 snort-2.4.3.tar.gz加上 patch方式，編譯 snort_inline-2.4.3RC2.diff

Quote:

Hi everyone!

Today is the day Will is getting married with his bride Lindsay. Thats
why todays release is dubbed "The Wedding Release". Before i tell you
guys about the release i want to wish William and Lindsay all the best
together! Congratulations and have fun on your honeymoon!

[閱讀全文]

sticky-drop 擋掉連續攻擊的來源 ip一段時間，記錄於 /var/log/snort/stickyd.log

preprocessor stickydrop: max_entries 3000,log
preprocessor stickydrop-timeouts: sfportscan 3000, portscan2 3000, clamav 3000
preprocessor stickydrop-ignorehosts: 192.168.0.0/24 192.168.1.12 192.168.1.13

bait-and-switch 使用到 iptables重導連續攻擊的來源 ip，bands.log

preprocessor bait-and-switch: max_entries 200,log,insert_before
preprocessor bait-and-switch-ignorehosts: 192.168.1.0/24

[閱讀全文]

[閱讀全文]

[Q.]

checking dnet.h usability... yes
checking dnet.h presence... yes
checking for dnet.h... yes
checking for eth_set in -ldnet... no

   ERROR!  Libdnet header not found, go get it from
   http://libdnet.sourceforge.net or use the --with-dnet-*
   options, if you have it installed in an unusual place

[A:] ./confugre --with-dnet-includes=/usr/local/include/dnet.h
    
但這個引發下個問題

[閱讀全文]

哇咧，忘記在那裡引用的了

用法: 1. RAR  -  <@listfiles...>
         RAR <命令> -<開關><壓縮檔檔名> <@檔案文字列表><檔案...>
      2. RAR (直接鍵入 RAR 後按 ENTER 鍵,使用全螢幕視窗操作!
Commands(命令):
  a    Add files to archive          壓縮（加入）檔案到壓縮檔內         
  u    Update files in archive       更新並加入原本沒有的檔案到壓縮檔內
  f    Freshen files in archive      更新已有的的檔案到壓縮檔內    
  m[f] Move to archive [files only]  搬移檔案到壓縮檔內

[閱讀全文]

在ubuntu6.06.1
[Q1:] 裝amavisd-new、clamav-daemon、clamav，amavisd-new預設沒有 啟動anti-virus、anti-spam
[A1:] 查README.Debian，修改/etc/amavis/conf.d/15- content_filter_mode把註解拿掉，restart amavis

[閱讀全文]