[Snort-users] Trojans and snort

Joel Esler (jesler) jesler at ...589...
Mon Apr 21 14:50:58 EDT 2014


Are you running the exploit against the machine you are trying to infect?  (i.e. the same box?)


On Apr 21, 2014, at 10:28 AM, stephanie sokhn <sokhnstephanie at ...125...<mailto:sokhnstephanie at ...125...>> wrote:

hello,
 I've downloaded a trojan on ubuntu 12.04  and accessed its shell from backtrack using metasploit. The thing is that all the alerts received from snort were about  BAD-TRAFFIC loopback traffic and nothing more.Is there something wrong with my configuration? shouldn't snort detect this kind of exploits?
Is there any additional predefined rules for snort IPS that drop packets ?

would appreciate any kind of help.

------------------------------------------------------------------------------
Start Your Social Network Today - Download eXo Platform
Build your Enterprise Intranet with eXo Platform Software
Java Based Open Source Intranet - Social, Extensible, Cloud Ready
Get Started Now And Turn Your Intranet Into A Collaboration Platform
http://p.sf.net/sfu/ExoPlatform_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net<mailto:Snort-users at lists.sourceforge.net>
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org<http://blog.snort.org/> to stay current on all the latest Snort news!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140421/2cf5f1d8/attachment.html>


More information about the Snort-users mailing list