[Snort-sigs] DDoS Rule

Joel Esler (jesler) jesler at ...3865...
Sun Feb 8 19:54:26 EST 2015

That's a large request.  I'd begin by taking a look at the existing Ruleset for "denial-of-service"

Joel Esler
Sent from my iPhone

On Feb 8, 2015, at 7:52 PM, Eugene Grama <eugene.grama at ...2420...<mailto:eugene.grama at ...2420...>> wrote:


Good day everyone, hope that everyone is doing fine.

I'm a newbie in snort, and still in learning process.

Can I ask for your kind advice on how I can setup a rule that will detect DDoS.

Thank you very much and Best regards,

Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
Snort-sigs mailing list
Snort-sigs at lists.sourceforge.net<mailto:Snort-sigs at lists.sourceforge.net>

Please visit http://blog.snort.org for the latest news about Snort!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20150209/cd63a36d/attachment.html>

More information about the Snort-sigs mailing list