Home page logo
/

snort logo Snort mailing list archives

Re: help with issue, may not be snort related
From: Joel Esler <jesler () sourcefire com>
Date: Wed, 1 May 2013 15:10:14 -0400

On May 1, 2013, at 1:58 PM, Pete Keller <pkeller () billbarrettcorp com> wrote:

I was advised by the Information Systems Security Officer at a US government website (that my end users cannot 
access) to call snort.org “and explain(ed) what’s happening to your company.”
 
Please send helpful redirects as necessary.
 
I contacted the support group for the eia.gov website letting them know that we have not been able to access their 
website for the past month. I have reviewed our systems and we are not blocking access to their servers at all. After 
giving all the information I could about the issue to the eia.gov support group, I have been informed by them that
 
“EIA has not blocked you,  EIA uses commercial security products, which are updated by vendors which have the ability 
to block IP addresses of known/suspected harmful sites.  If this has occurred to your organization/company, you must 
contact internet security businesses that monitor and blacklist IP traffic on the internet [i.e., SNORT.ORG]. EIA has 
no control over the addition/deletion of IP addresses from the aforementioned lists.”
 
I have run multiple searches online to see if our public IP address is in any publicly available black list and 
cannot find it.  The support tech at eia.gov has stated that our public IP is on a black list but I cannot confirm 
his statement.  I understand thateia.gov will not want to tell me which product they are using for security, but that 
makes my ability to contact Internet security business that monitor and blacklist IP traffic difficult.

Pete,

Thanks for writing in, the blacklist that is being mentioned is maintained by us (Sourcefire) and is used in our 
products and is available as well for Open Source Snort.  I've had a couple people write into me about not being able 
to access eia.gov, and they were all for the same reason. 

Please send me your public IP off list and I can look into the situation and let you know exactly why you are on the 
blacklist, I'll remove you, and give you a direction about how to fix the problem.

Thanks.

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire
------------------------------------------------------------------------------
Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET
Get 100% visibility into your production application - at no cost.
Code-level diagnostics for performance bottlenecks with <2% overhead
Download for free and get started troubleshooting in minutes.
http://p.sf.net/sfu/appdyn_d2d_ap1
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault