Snort mailing list archives
Re: Snort-users Digest, Vol 75, Issue 15
From: "Dang Le Nam" <lenam.cntp () gmail com>
Date: Mon, 13 Aug 2012 20:51:49 +0700
Message 3: hi experts, I'd like to use portscan preprocessor for detect nmap scan, But it' can't works, could you give me some hint? many thx! please see snort.conf as attached, I'm not sure how to do let portscan works for now! I guess you use snort more 2.9.x. Please open “#” line: 617,618 and try it ################################################### 612 # Step #8: Customize your preprocessor and decoder alerts 613 # For more information, see README.decoder_preproc_rules 614 ################################################### 615 616 # decoder and preprocessor event rules 617 include $PREPROC_RULE_PATH/preprocessor.rules 618 include $PREPROC_RULE_PATH/decoder.rules 619 # include $PREPROC_RULE_PATH/sensitive-data.rules -------------------- Đặng Lê Nam
Attachment:
image002.emz
Description:
Attachment:
image003.png
Description:
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: Snort-users Digest, Vol 75, Issue 15 Dang Le Nam (Aug 13)