[Snort-sigs] Snort rules
snort at outlook.com
Sun Jul 22 14:58:58 EDT 2018
I will assume you already have the registered ruleset. Look for sid:19559 (INDICATOR-SCAN SSH brute force login attempt).
From: Snort-sigs <snort-sigs-bounces at lists.snort.org> on behalf of Jean Michel Tangu? via Snort-sigs <snort-sigs at lists.snort.org>
Sent: Sunday, July 22, 2018 9:49 PM
To: snort-sigs at lists.snort.org
Subject: [Snort-sigs] Snort rules
please it's an emergency .. I need the rule that triggers an alert automatically when more than two or three ssh login attempts have been made
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-sigs