Note: Due to technical difficulties, the Archives are currently not up to date.
GMANE provides an alternative service for most mailing lists. c.f. bug 424647
On Sunday 06 November 2005 10:03 am, aa6qn@... wrote:
> I could use some help here. I have emerged Snort on my system here (along
> with SnortSnarf) and have been watching the alerts. What is causing my
> concern it that my server is being reported as a source for serveral web
> based attack signatures to a host of unknown destinations. I have spent
> some time cleaning and rebuilding the server with no luck until I turned
> off Squid.
Could you please paste in copies of the warnings/alerts;log entries you are
seeing?
Also, have you done a packet capture manually on that port to see what is
going on?
It is about equally likely that snort is giving you a false positive as it is
that anything is wrong with squid...
Regards,
- Brian
--
gentoo-security@g.o mailing list
|
|
