From an article on Slashdot covering an aspect of the WMF Windows exploit:
“…the exploit is arranged in such a manner that it cannot be detected by most intrusion detection systems (the snort rule will peg the CPU on your router) nor filtered by packet-inspecting firewalls (it spans two or more ethernet frames).”
Why oh why would snort be running on the router? A simple typo like this can be a catalyst to enflame the evil machinations of people on unnamed open source firewall lists to IDSify the base router system.
…or it could just be the booze talkin’
0 Responses to “Snort Router 2.dumb”