[Snort-users] NIPS Rules

Manojit Ghosh a46105 at gmail.com
Tue Aug 22 02:12:53 EDT 2017


I was hoping to block them using snort. I am in a wireless network.

On Mon, Aug 21, 2017 at 11:55 PM, Manojit Ghosh <a46105 at gmail.com> wrote:

> Hi,
>
> I have installed Snort 2.9.9.0 on windows 7 professional 32 bit and
> running it using the command snort -i 3 -c C:\Snort\etc\snort.conf -A fast.
> In the alert.ids file, I see a lot of reset outside window alerts, such as
> this, 08/21-23:16:37.473511  [**] [129:15:1] Reset outside window [**]
> [Classification: Potentially Bad Traffic] [Priority: 2] {TCP}
> XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:443 ->
> XXXX:XXXX:XXXX:XXXX:XXXX:57462. I have reason to believe that these
> alerts are the result of malicious activities. I want to protect my network
> from these attacks. Please provide me the precise instructions to prevent
> these attacks, i.e. the rule(s), the file to place the rule(s) in, & the
> location of the file.
>
> --
> Manojit Ghosh
> CEO, A Joshing Moth
> ajoshingmoth.blogspot.in
>
> *Disclaimer:*
> This e-mail contains privileged and confidential information intended
> solely for the use of the addressee(s). If you are not the intended
> recipient, please notify the sender by e-mail and delete the original
> message. Further, you are not to copy, disclose, or distribute this e-mail
> or its contents to any other person and any such actions are unlawful. This
> e-mail may contain viruses. The sender has taken every reasonable
> precaution to minimize this risk, but is not liable for any damage you may
> sustain as a result of any virus in this e-mail. You should carry out your
> own virus checks before opening the e-mail or attachment. The sender
> reserves the right to monitor and review the content of all messages sent
> to or from this e-mail address. Messages sent to or from this e-mail
> address may be stored on the e-mail system.
> *End of Disclaimer*
>



-- 
Manojit Ghosh
CEO, A Joshing Moth
ajoshingmoth.blogspot.in

*Disclaimer:*
This e-mail contains privileged and confidential information intended
solely for the use of the addressee(s). If you are not the intended
recipient, please notify the sender by e-mail and delete the original
message. Further, you are not to copy, disclose, or distribute this e-mail
or its contents to any other person and any such actions are unlawful. This
e-mail may contain viruses. The sender has taken every reasonable
precaution to minimize this risk, but is not liable for any damage you may
sustain as a result of any virus in this e-mail. You should carry out your
own virus checks before opening the e-mail or attachment. The sender
reserves the right to monitor and review the content of all messages sent
to or from this e-mail address. Messages sent to or from this e-mail
address may be stored on the e-mail system.
*End of Disclaimer*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20170822/ed2a8410/attachment.html>


More information about the Snort-users mailing list