[Snort-users] letdown, dos attempt not detecting

Leonardo Pezente lmpezente at ...11827...
Tue Dec 11 11:45:59 EST 2012


im testing snort attacking it with a tool called "letdown".it is a tcp
floder. The think is: im not able to detect what could be a potencial dos
attack.
Letdown generate like 65000 syn packets, so this should be detect fot
snort. I have uncomment the dos and ddos rules, but no deal. so im tring to
create a rule to detct this kind of traffic. Is that possible? any idea how
i can do that?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20121211/4a391e49/attachment.html>


More information about the Snort-users mailing list