[Snort-users] Zombie detection rules

Paul Li paul at ...17768...
Wed Feb 15 23:32:18 EST 2017


Is there any snort rule for zombies detection: to detect if the devices
snort is monitoring are used as zombies. Or some rules that can detect
large outgress traffic from a monitored device would also work.

Thanks,
Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20170215/c8cc7458/attachment.html>


More information about the Snort-users mailing list