[Snort-users] Honeypot Project ruleset

Steve Halligan agent33 at ...187...
Thu Nov 29 12:51:02 EST 2001

> Hello,
> Where could I get the ruleset used by Honeypot
> Project?
> Thanks in advance.
Honeynets generally log all packets in and out of the network, since all
packets would be suspect.  So a honeynet ruleset would look someting like:

alert ip any any -> any any (msg: Traffic;)



More information about the Snort-users mailing list