Re: Worm detection in LAN

[Balasubramaniam Natarajan <bala150985 () gmail com>]

On Sat, Dec 8, 2012 at 6:01 AM, reshma purushothaman <
reshmapurushothaman () gmail com> wrote:

> Hello
>
> We are trying to implement a project using SNORT tool. It is a client
> –server communication system. On receiving the packet from a system which
> has a worm, the snort tool in the server needs to detect the address of the
> client  from which the packet was sent and also  reject the packet. The
> server needs to get the information regarding the IP address of the client,
> the file name of the rejected packet and also a confirmation that the
> packet has been rejected.

What is that you are looking in the packet which signifies worm activity ?


-- 
Regards,
Balasubramaniam Natarajan
www.blog.etutorshop.com

------------------------------------------------------------------------------
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!