On Aug 20, 7:58 pm, Thorne Lawler <[EMAIL PROTECTED]> wrote: > I'm sure there was some solid reasoning behind the default fixed value for > active-response.timeout. I'd love to hear it if anyone knows what it was. > Ever heard of the term "spoofing"? Think about if someone malicious spoofed the ip addresses of valid hosts and blocked them all. This would be an easy way to make a server useless. http://en.wikipedia.org/wiki/IP_address_spoofing
- [ossec-list] Wishlist: Active response for the longer te... Thorne Lawler
- [ossec-list] Re: Wishlist: Active response for the ... Jeff Schroeder
- [ossec-list] Re: Wishlist: Active response for ... [EMAIL PROTECTED]
