Snort mailing list archives

Previous By Date Next
Previous By Thread Next

predefined rules

From: José Luis Rodríguez Rodríguez <jlrod2 () gmail com>
Date: Wed, 15 Oct 2014 19:26:25 +0200
Hello, I'm trying to catch alerts about access as root user to a mysql
server by using the predefined rules but it's not possible. The rule is:

alert tcp any any -> 192.168.236.148  3306 (msg:"root access";
content:"root"; sid:10000001);

What can be the problem?

-- 
Saludos,


José Luis
------
Profesor Informática IES Jacarandá -  Brenes (Sevilla)
http://www.iesjacaranda.es  -   www.iesjacaranda-brenes.org
twitter: @jlrod2

------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://p.sf.net/sfu/Zoho
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: