[Snort-users] Packet Contents using IDS Mode
Tay Chee Yong
tcy at ...8934...
Fri May 2 03:14:53 EDT 2003
A couple of questions:
1) May I know what should be configured if I need to log the contents of packets
into the alert file? (Can't seems to find any info from the archive)
2) For example, if I were to specify a rule in the snort.conf to detect TCP SYNC
Attacks, is there any snort function that is able to detect the attack when a
certain threshold is met?
Any advise is appreciated.
More information about the Snort-users