[Snort-users] Snort rule

Joel Esler jesler at ...1935...
Mon Oct 22 11:45:05 EDT 2012

On Oct 19, 2012, at 10:25 AM, shahin ali <shahin.ali01 at ...11827...> wrote:

> Hello,
>      i need help with this question. Write a snort rule to detect a DNS packet using the following details:  
> o Source IP address:  
> o Destination IP address:  
> o Write a snort rule to detect a connection attempt on the Telnet Server which has an IP  
> Address and generate alerts for packets with content ‘Telnet!’ directed to the  
> Server.  


This looks suspiciously like a homework question.  This is actually a really simple rule to write and if you look at http://manual.snort.org you should be able to figure it out easily.

Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20121022/24cf9c2e/attachment.html>

More information about the Snort-users mailing list