[Snort-users] putting in the Snort rules and dump results in Syslogd

mr leokenzie tenminustwo at ...125...
Mon Mar 14 22:39:18 EST 2005

Where do I put the Snort rules for example:
alert tcp $EXTERNAL_NET any -> $HOME_NET 139
(msg: "DOS SMBdie attack"; flags: A+; content:"|57724c65680042313342577a|";)
and check whether the SNORT rule is works?
How can I set it up so that the results will be displayed in the Syslogd.

Express yourself instantly with MSN Messenger! Download today - it's FREE! 

More information about the Snort-users mailing list