Snort mailing list archives
predefined rules
From: José Luis Rodríguez Rodríguez <jlrod2 () gmail com>
Date: Wed, 15 Oct 2014 19:26:25 +0200
Hello, I'm trying to catch alerts about access as root user to a mysql server by using the predefined rules but it's not possible. The rule is: alert tcp any any -> 192.168.236.148 3306 (msg:"root access"; content:"root"; sid:10000001); What can be the problem? -- Saludos, José Luis ------ Profesor Informática IES Jacarandá - Brenes (Sevilla) http://www.iesjacaranda.es - www.iesjacaranda-brenes.org twitter: @jlrod2
------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- predefined rules José Luis Rodríguez Rodríguez (Oct 15)