Snort mailing list archives
Re: about rules commented
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Fri, 29 May 2015 13:10:44 +0000
On May 27, 2015, at 11:16 PM, Diego Batigoal <diegobatigoal () yahoo com au<mailto:diegobatigoal () yahoo com au>> wrote: Hi Waldo, On the Certified Ethical Hacker v8 module on pg. 861. I have to apply a few steps. I have attached a pdf so you can have a look and have a better view. Let me know if you are not able to view it. Looks like you are looking for an ICMP rule. Take a look at protocol-icmp.rules? -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos Group http://www.talosintel.com On Thursday, 28 May 2015, 12:39, waldo kitty <wkitty42 () windstream net<mailto:wkitty42 () windstream net>> wrote: On 05/27/2015 07:24 PM, Diego Batigoal wrote:
I realized that and still struggling with this step. Maybe somebody that had done the same training (CEH v8) could help.
what step? what training, where?
I can't proceed from this step onwards. I have found the missing rules but cant seem to find the one I want.
what, exactly are you looking for? it is starting to sound like the training ""manual"" it out of date... that's real easy to happen with snort and its rules because of the way snort is updated and older versions are retired with no support at all... -- NOTE: No off-list assistance is given without prior approval. Please *keep mailing list traffic on the list* unless private contact is specifically requested and granted. ------------------------------------------------------------------------------ _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net<mailto:Snort-sigs () lists sourceforge net> https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org<http://www.snort.org/> Please visit http://blog.snort.org <http://blog.snort.org/> for the latest news about Snort! <CEH v8 Labs Module 17 Evading IDS, Firewalls and Honeypots 16.pdf>------------------------------------------------------------------------------ _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net<mailto:Snort-sigs () lists sourceforge net> https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- about rules commented jihene ksiksi (May 27)
- Re: about rules commented Joel Esler (jesler) (May 27)
- Re: about rules commented Diego Batigoal (May 27)
- Re: about rules commented waldo kitty (May 27)
- Re: about rules commented Diego Batigoal (May 27)
- Re: about rules commented Joel Esler (jesler) (May 29)
- Re: about rules commented Diego Batigoal (May 27)
- Re: about rules commented Joel Esler (jesler) (May 27)