[Snort-users] Worm detection in LAN
bala150985 at ...11827...
Tue Dec 11 04:29:30 EST 2012
On Sat, Dec 8, 2012 at 6:01 AM, reshma purushothaman <
reshmapurushothaman at ...11827...> wrote:
> We are trying to implement a project using SNORT tool. It is a client
> –server communication system. On receiving the packet from a system which
> has a worm, the snort tool in the server needs to detect the address of the
> client from which the packet was sent and also reject the packet. The
> server needs to get the information regarding the IP address of the client,
> the file name of the rejected packet and also a confirmation that the
> packet has been rejected.
What is that you are looking in the packet which signifies worm activity ?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users