[Intrusions] mpecllc.com is back on the air for now - here's asnippet from the SQUID logs
Evans, Arian
Arian.Evans at fishnetsecurity.com
Thu Jan 20 20:42:32 GMT 2005
Per below, I read your emails out of order and thought you were up
with Squid, sorry, my stupidity.
That said, if you have time it would still be nice to have a list
of the things you tried that failed, so we accelerate the learning
curve when the next one of us gets hit.
-ae
> -----Original Message-----
> From: Evans, Arian
> Sent: Thursday, January 20, 2005 10:53 AM
> To: 'Intrusions List (GCIA Practicals)'
> Subject: RE: [Intrusions] mpecllc.com is back on the air for
> now - here's asnippet from the SQUID logs
>
> David,
>
> I think the list would find it very useful
> (when you have time) if you outlined the steps
> (actions, software implementations, etc.) you
> took to deal with this issue, both successful
> and unsuccessful.
>
> For example, my assumption earlier was that an apache
> intermediary would be faster than other http aware
> solutions like Squid in filtering raw requests, but I
> have no experience trying to roll my own IPS for http
> with the _volume_ of traffic you have.
>
> Definitely want to know details when you can. Glad
> you are back on line,
>
> Arian
>
>
>
>
>
The information transmitted in this e-mail is intended only for the addressee and may contain confidential and/or privileged material.
Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information by persons or entities
other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication
in error, please contact us immediately at 816.421.6611, and delete the communication from any computer or network system.
More information about the Intrusions
mailing list