[Snort-users] geting this rule to work

Jeremy Hoel jthoel at ...11827...
Sun Dec 2 03:54:24 EST 2012


Well.. to some degree this is true.  But different OS's have different
flags and options set depending on options, OS, versions, etc.  In the
same way that nmap can figure out OS's by there responses, you could
probably right rules that look for those same fingerprints in bit
options.


On Sat, Dec 1, 2012 at 9:31 AM, waldo kitty <wkitty42 at ...14940...> wrote:
> networking is networking is networking... you can't really write OS specific
> rules for general tasks like networking...




More information about the Snort-users mailing list