Snort mailing list archives
worms detection
From: Eugeniu Babin <eugen.babin () gmail com>
Date: Mon, 8 Dec 2014 17:01:17 +0100
Hi All, I have a question regarding the possibility to catch worms activity by using SNORT. Currently I have SNORT 2.9.7 (with Personal subscription for Rules 29 USD/Year) running and sniffing a part of the network. I'm sure that some of stations are infected with Conficker worm (for example), but unfortunately My snort is quiet about this. So: Q1: Is snort capable to detect such worms like conficker ? Q2: If Yes should I be able to identify worms with My Personal subscription ? Q3: Should I upgrade to Business subscription? Thank You, Eugene
------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- worms detection Eugeniu Babin (Dec 08)
- Re: worms detection Joel Esler (jesler) (Dec 08)