[Snort-sigs] Kerberos login failure detection
Micheal Cottingham
micheal.cottingham at ...2462...
Thu May 6 08:47:02 EDT 2004
I've tried
http://marc.theaimsgroup.com/?l=snort-sigs&w=2&r=1&s=kerberos&q=b and
several variations of it, but I cannot for the life of me get Snort to
detect anything from this. His rule was really close to my own packet
analysis, but it doesn't seem to work. Windows 2000, Active Directory.
Any suggestions? Much appreciated.
Micheal Cottingham
_____________________________________
Micheal Cottingham, Comptia A+
micheal.cottingham at ...2462...
1-434-949-1078
More information about the Snort-sigs
mailing list