[Snort-users] Snort on WindowsXP
wkitty42 at ...14940...
Sat Jul 6 09:20:41 EDT 2013
On 7/6/2013 02:19, MCLEOD, DONNIE wrote:
> Hi Snort users,can someone help with code alert for Snort to detect shell code
> on the above conf Snort is run in IDS mode using the following command line;
> snort -c C:\snort\etc\snort.conf -l C:\snort\log -i 1
> Iam trying to get the IDS to trigger an alert on detection,thanks.
is this a school assignment?
there are already (139) existing shellcode related rules available... do they
not fit your needs?
grep -i -E "shellcode" /path/to/your/rules/*.rules
NOTE: No off-list assistance is given without prior approval.
Please keep mailing list traffic on the list unless
private contact is specifically requested and granted.
More information about the Snort-users