[Snort-sigs] ftp rules

Adonis Okpidi adonisokpidi at ...2420...
Thu Oct 22 15:20:58 EDT 2015


You can use 'drop' instead of 'alert'

Best Regards,
Adonis Okpidi


> On 22 Oct 2015, at 18:28, santhoj san <santhojirulappan at ...2420...> wrote:
> 
> Hi, Can anyone help me in how to make a rule to drop the packets.
> 
> Thanks & Regards
> Santhoj Irulappan
> 
>> On Thu, Oct 22, 2015 at 9:12 PM, Adam Ring <adam.ring at ...4072...> wrote:
>> Yea I just found out about the protocol-ftp rules.  Thanks.
>> 
>>  
>> 
>> From: Joel Esler (jesler) [mailto:jesler at ...3865...] 
>> Sent: Thursday, October 22, 2015 11:42 AM
>> To: Adam Ring
>> Cc: snort-sigs at lists.sourceforge.net
>> Subject: Re: [Snort-sigs] ftp rules
>> 
>>  
>> 
>> Take a look at protocol-ftp.rules
>> 
>>  
>> 
>>  
>> 
>> --
>> 
>> Joel Esler
>> 
>> Manager, Talos Group
>> 
>>  
>> 
>>  
>> 
>>  
>> 
>> On Oct 22, 2015, at 8:55 AM, Adam Ring <adam.ring at ...4074...> wrote:
>> 
>>  
>> 
>> Hi I am new to snort and was trying to create an ftp rule.  I have downloaded the rules from the website, but in the ftp file there aren’t any rules in there.  I was wondering if that was supposed to be empty and if it is, is there a place where I can go to find some examples of ftp rules?
>> 
>>  
>> 
>> Adam Ring
>> 
>> IT Help Desk Techniction
>> 
>> Office 703.677.9540 
>> 
>>  
>> 
>> AOC Solutions | Solutions That Pay®
>> 
>>  
>> 
>> Blog | Video | LinkedIn
>> 
>>  
>> 
>> <image001.png>
>> 
>>  
>> 
>>  
>> 
>> This e-mail and any attachments may contain confidential and privileged
>> information. If you are not the intended recipient, please notify the sender
>> immediately by return e-mail, delete this e-mail and attachments (if applicable)
>> and destroy any copies. Any dissemination or use of this information by a person
>> other than the intended recipient is unauthorized and strictly prohibited. You
>> may be subject to confidentiality restrictions in an existing contract with AOC
>> Solutions, Inc. As a result, you must protect the contents of this communication
>> according to such terms and conditions.
>> ------------------------------------------------------------------------------
>> _______________________________________________
>> Snort-sigs mailing list
>> Snort-sigs at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/snort-sigs
>> http://www.snort.org
>> 
>> 
>> Please visit http://blog.snort.org for the latest news about Snort!
>> 
>>  
>> 
>> This e-mail and any attachments may contain confidential and privileged
>> information. If you are not the intended recipient, please notify the sender
>> immediately by return e-mail, delete this e-mail and attachments (if applicable)
>> and destroy any copies. Any dissemination or use of this information by a person
>> other than the intended recipient is unauthorized and strictly prohibited. You
>> may be subject to confidentiality restrictions in an existing contract with AOC
>> Solutions, Inc. As a result, you must protect the contents of this communication
>> according to such terms and conditions.
>> 
>> ------------------------------------------------------------------------------
>> 
>> _______________________________________________
>> Snort-sigs mailing list
>> Snort-sigs at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/snort-sigs
>> http://www.snort.org
>> 
>> 
>> Please visit http://blog.snort.org for the latest news about Snort!
> 
> ------------------------------------------------------------------------------
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs
> http://www.snort.org
> 
> 
> Please visit http://blog.snort.org for the latest news about Snort!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20151022/8546da6c/attachment.html>


More information about the Snort-sigs mailing list