Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort-users Digest, Vol 75, Issue 15

From: "Dang Le Nam" <lenam.cntp () gmail com>
Date: Mon, 13 Aug 2012 20:51:49 +0700
Message 3: 

hi experts, I'd like to use portscan preprocessor for detect nmap scan, But it' can't works, could you give me some 
hint? many thx! 
please see snort.conf as attached, I'm not sure how to do let portscan works for now!

 

 

I guess you use snort more 2.9.x. Please open “#”  line:  617,618 and try it 

###################################################

    612 # Step #8: Customize your preprocessor and decoder alerts

    613 # For more information, see README.decoder_preproc_rules

   614 ###################################################

    615 

    616 # decoder and preprocessor event rules

    617  include $PREPROC_RULE_PATH/preprocessor.rules

    618  include $PREPROC_RULE_PATH/decoder.rules

    619 # include $PREPROC_RULE_PATH/sensitive-data.rules

 

--------------------

Đặng Lê Nam

Attachment: image002.emz
Description:

Attachment: image003.png
Description: 

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: