[Snort-sigs] Questions 101

Esler, Joel Contractor EslerJ at ...785...
Thu Apr 3 12:55:37 EST 2003


To create a rule to look for specific IP's regardless of content would be???

alert tcp <IP> any -> $home_net any; (MSG:<IP>; content:""; nocase;
classification:misc-activity;)

??

Joel




More information about the Snort-sigs mailing list