mailing list archives
Re: help with issue, may not be snort related
From: Joel Esler <jesler () sourcefire com>
Date: Wed, 1 May 2013 15:10:14 -0400
On May 1, 2013, at 1:58 PM, Pete Keller <pkeller () billbarrettcorp com> wrote:
I was advised by the Information Systems Security Officer at a US government website (that my end users cannot
access) to call snort.org “and explain(ed) what’s happening to your company.”
Please send helpful redirects as necessary.
I contacted the support group for the eia.gov website letting them know that we have not been able to access their
website for the past month. I have reviewed our systems and we are not blocking access to their servers at all. After
giving all the information I could about the issue to the eia.gov support group, I have been informed by them that
“EIA has not blocked you, EIA uses commercial security products, which are updated by vendors which have the ability
to block IP addresses of known/suspected harmful sites. If this has occurred to your organization/company, you must
contact internet security businesses that monitor and blacklist IP traffic on the internet [i.e., SNORT.ORG]. EIA has
no control over the addition/deletion of IP addresses from the aforementioned lists.”
I have run multiple searches online to see if our public IP address is in any publicly available black list and
cannot find it. The support tech at eia.gov has stated that our public IP is on a black list but I cannot confirm
his statement. I understand thateia.gov will not want to tell me which product they are using for security, but that
makes my ability to contact Internet security business that monitor and blacklist IP traffic difficult.
Thanks for writing in, the blacklist that is being mentioned is maintained by us (Sourcefire) and is used in our
products and is available as well for Open Source Snort. I've had a couple people write into me about not being able
to access eia.gov, and they were all for the same reason.
Please send me your public IP off list and I can look into the situation and let you know exactly why you are on the
blacklist, I'll remove you, and give you a direction about how to fix the problem.
Senior Research Engineer, VRT
OpenSource Community Manager
Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET
Get 100% visibility into your production application - at no cost.
Code-level diagnostics for performance bottlenecks with <2% overhead
Download for free and get started troubleshooting in minutes.
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
Please visit http://blog.snort.org to stay current on all the latest Snort news!