[Snort-users] Detecting worms
Maetzky, Steffen (Extern)
Steffen.Maetzky at ...11508...
Wed Aug 18 01:22:28 EDT 2004
....to block all known worms...?
Do you use available rules for it or would you share your rules?
Thanks in advance,
Von: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] Im Auftrag von Alex
Gesendet: Dienstag, 17. August 2004 09:42
An: Rogier Gerritse; snort-users at lists.sourceforge.net
Betreff: Re: [Snort-users] Snort 1.9.1/Spade/Snortcenter
--On 10 August 2004 16:56 +0200 Rogier Gerritse <Rogier at ...12273...>
> First post on this list so: "Hi all"
> I'm running Snort on RH7.3 I've used the document by Steven J. Scott
> and the systems been running stable for a while now. I was using Snort
> 2.1.3 and used the react:block response to block all known worm and
> virus traffic which worked fine.
> Now I'm running Snort 1.9.1 and Spade 030125.1. When I add the Spade
> detector rules the following happens in SnortCenter 0.9.6:
SPADE isn't supported by Snortcenter. My advice is to give up on Snortcenter
now, or start hacking on Snortcenter2
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users