Snort mailing list archives
Re: Worm detection in LAN
From: Balasubramaniam Natarajan <bala150985 () gmail com>
Date: Tue, 11 Dec 2012 04:29:30 -0500
On Sat, Dec 8, 2012 at 6:01 AM, reshma purushothaman < reshmapurushothaman () gmail com> wrote:
Hello We are trying to implement a project using SNORT tool. It is a client –server communication system. On receiving the packet from a system which has a worm, the snort tool in the server needs to detect the address of the client from which the packet was sent and also reject the packet. The server needs to get the information regarding the IP address of the client, the file name of the rejected packet and also a confirmation that the packet has been rejected.
What is that you are looking in the packet which signifies worm activity ? -- Regards, Balasubramaniam Natarajan www.blog.etutorshop.com
------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Worm detection in LAN reshma purushothaman (Dec 10)
- Re: Worm detection in LAN Balasubramaniam Natarajan (Dec 11)
- Re: Worm detection in LAN reshma purushothaman (Dec 11)
- Re: Worm detection in LAN Balasubramaniam Natarajan (Dec 11)
- Re: Worm detection in LAN reshma purushothaman (Dec 11)
- Re: Worm detection in LAN Balasubramaniam Natarajan (Dec 11)