[Snort-users] brute force
wkitty42 at ...14940...
Mon Jun 24 12:15:32 EDT 2013
On 6/23/2013 17:41, Balla István wrote:
> I have a question about how Snort detects and prevent brute force attacks.
> E.g.: I use hydra to bruteforce a remote SSH server knowing the username and
> going thru a list of possible pwds.
rules would be written either with thresholds built into them or one would use
the threshold.conf file on those rules... this to be able to quantify the number
of attempts within X period of time...
NOTE: No off-list assistance is given without prior approval.
Please keep mailing list traffic on the list unless
private contact is specifically requested and granted.
More information about the Snort-users