[Snort-users] Fwd: How to detect OS with Snort?
borja.luaces at ...11827...
Tue May 8 15:25:26 EDT 2012
i know that Nmap is a better tool but the fact is that the rule is to
detect specific attacks from windows OS. The company I work for does not
allow me to install anything else. I have to do it with snort this is why I
am trying that rule but it seems not to work.
Another fact is that I can not access snort logs to try to know why the
rule is not working.
I have just implemented a VM with snort to try the rules before launching
them into the main IDS.
Borja Luaces Altares
Administrador/Analista de Sistemas (MCSE Security,C|EH & CSSA)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users