[Snort-users] putting in the Snort rules and dump results in Syslogd
tenminustwo at ...125...
Mon Mar 14 22:39:18 EST 2005
Where do I put the Snort rules, for example:
alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg: "DOS SMBdie attack"; flags: A+; content:"|57724c65680042313342577a|";)
and check whether the Snort rule works?
How can I set it up so that the results will be displayed in Syslogd?