Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: brute force

From: waldo kitty <wkitty42 () windstream net>
Date: Mon, 24 Jun 2013 12:15:32 -0400
On 6/23/2013 17:41, Balla István wrote:

Hello,

I have a question about how Snort detects and prevent brute force attacks.
E.g.: I use hydra to bruteforce a remote SSH server knowing the username and
going thru a list of possible pwds.


rules would be written either with thresholds built into them or one would use 
the threshold.conf file on those rules... this to be able to quantify the number 
of attempts within X period of time...

-- 
NOTE: No off-list assistance is given without prior approval.
       Please keep mailing list traffic on the list unless
       private contact is specifically requested and granted.

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: