Snort mailing list archives
Re: Snort Rule
From: "Al Lewis \(allewi\) via Snort-users" <snort-users () lists snort org>
Date: Thu, 29 Mar 2018 14:04:11 +0000
https://www.snort.org/faq/what-can-i-do-with-snort https://www.snort.org/faq Albert Lewis ENGINEER.SOFTWARE ENGINEERING Cisco Systems Inc. Email: allewi () cisco com<mailto:allewi () cisco com> From: Snort-users <snort-users-bounces () lists snort org> on behalf of Shane Corridon via Snort-users <snort-users () lists snort org> Reply-To: Shane Corridon <shane.corridon () mycit ie> Date: Thursday, March 29, 2018 at 9:49 AM To: waldo kitty <wkitty42 () windstream net> Cc: "snort-users () lists snort org" <snort-users () lists snort org> Subject: Re: [Snort-users] Snort Rule Hi Would I be able to use snort to sniff network traffic and check weather a new installation is transfering large amounts of data around the network, that it should not be sending? Thank you for your help On 29 March 2018 at 14:09, <wkitty42 () windstream net<mailto:wkitty42 () windstream net>> wrote: On 03/29/2018 08:33 AM, Shane Corridon via Snort-users wrote: Hi All, I am looking for a rule to scan the computer after a new program has been installed and return any alarming results or return an "Everything is normal" result. snort is not the right tool for this... snort only sniffs network traffic and packet capture (aka pcap) files of network traffic... -- NOTE: No off-list assistance is given without prior approval. *Please keep mailing list traffic on the list unless* *a signed and pre-paid contract is in effect with us.* _______________________________________________ Snort-users mailing list Snort-users () lists snort org<mailto:Snort-users () lists snort org> Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Current thread:
- Snort Rule Shane Corridon via Snort-users (Mar 29)
- Re: Snort Rule wkitty42 (Mar 29)
- Re: Snort Rule Shane Corridon via Snort-users (Mar 29)
- Re: Snort Rule Al Lewis (allewi) via Snort-users (Mar 29)
- Re: Snort Rule Shane Corridon via Snort-users (Mar 29)
- Re: [Snort-users] Snort Rule Joel Esler (jesler) via Snort-sigs (Mar 29)
- Re: [Snort-users] Snort Rule wkitty42 (Mar 29)
- Re: Snort Rule Shane Corridon via Snort-sigs (Mar 31)
- Re: [Snort-sigs] Snort Rule Joel Esler (jesler) via Snort-users (Mar 31)
- Re: Snort Rule wkitty42 (Mar 29)