Snort mailing list archives
NIPS Rules
From: Manojit Ghosh via Snort-users <snort-users () lists snort org>
Date: Mon, 21 Aug 2017 23:55:40 +0530
Hi, I have installed Snort 2.9.9.0 on windows 7 professional 32 bit and running it using the command snort -i 3 -c C:\Snort\etc\snort.conf -A fast. In the alert.ids file, I see a lot of reset outside window alerts, such as this, 08/21-23:16:37.473511 [**] [129:15:1] Reset outside window [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:443 -> XXXX:XXXX:XXXX:XXXX:XXXX:57462. I have reason to believe that these alerts are the result of malicious activities. I want to protect my network from these attacks. Please provide me the precise instructions to prevent these attacks, i.e. the rule(s), the file to place the rule(s) in, & the location of the file. -- Manojit Ghosh CEO, A Joshing Moth ajoshingmoth.blogspot.in *Disclaimer:* This e-mail contains privileged and confidential information intended solely for the use of the addressee(s). If you are not the intended recipient, please notify the sender by e-mail and delete the original message. Further, you are not to copy, disclose, or distribute this e-mail or its contents to any other person and any such actions are unlawful. This e-mail may contain viruses. The sender has taken every reasonable precaution to minimize this risk, but is not liable for any damage you may sustain as a result of any virus in this e-mail. You should carry out your own virus checks before opening the e-mail or attachment. The sender reserves the right to monitor and review the content of all messages sent to or from this e-mail address. Messages sent to or from this e-mail address may be stored on the e-mail system. *End of Disclaimer*
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- NIPS Rules Manojit Ghosh via Snort-users (Aug 21)
- Re: NIPS Rules wkitty42 (Aug 21)
- Re: NIPS Rules Manojit Ghosh via Snort-users (Aug 21)
- Re: NIPS Rules wkitty42 (Aug 22)