[Snort-sigs] ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack

ARUN LAL arunlal7701 at ...2420...
Mon Feb 29 08:08:04 EST 2016


Hi All,


Currently we are facing BruteForce Attack from server IP's to our server
and our IP tables didn't block any IP. Could you please suggest in which
rule i need to add in the snort(Please mention config file).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20160229/5702719e/attachment.html>


More information about the Snort-sigs mailing list