[Snort-users] putting in the Snort rules and dump results in Syslogd

mr leokenzie tenminustwo at ...125...
Mon Mar 14 22:39:18 EST 2005


Where do I put the Snort rules for example:
alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg: "DOS SMBdie attack"; flags: A+; content:"|57724c65680042313342577a|";)
and how do I check whether the Snort rule works?
How can I set it up so that the results will be displayed in Syslogd?
Thanks
