[Snort-users] Worm detection in LAN

Balasubramaniam Natarajan bala150985 at ...11827...
Tue Dec 11 04:29:30 EST 2012

On Sat, Dec 8, 2012 at 6:01 AM, reshma purushothaman <
reshmapurushothaman at ...11827...> wrote:

> Hello
> We are trying to implement a project using SNORT tool. It is a client
> –server communication system. On receiving the packet from a system which
> has a worm, the snort tool in the server needs to detect the address of the
> client  from which the packet was sent and also  reject the packet. The
> server needs to get the information regarding the IP address of the client,
> the file name of the rejected packet and also a confirmation that the
> packet has been rejected.

What is that you are looking in the packet which signifies worm activity ?

Balasubramaniam Natarajan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20121211/de0bc739/attachment.html>

More information about the Snort-users mailing list