Snort mailing list archives
Re: Snort rules
From: Y M via Snort-users <snort-users () lists snort org>
Date: Mon, 23 Jul 2018 17:56:42 +0000
The very same request was asked yesterday on the snort-sigs list, I believe. The rules to detect SSH brute force attempts is sid:19559 and exists in the indicator-scan.rules file. You can register to Snort website via https://www.snort.org/users/sign_up and download the rules tarball and look for the signature you are looking for. Sending the same question over and over may actually be the opposite of getting the help you are seeking. ________________________________ From: Snort-users <snort-users-bounces () lists snort org> on behalf of jeanmicheltangue via Snort-users <snort-users () lists snort org> Sent: Sunday, July 22, 2018 7:39 PM To: snort-users () lists snort org Subject: [Snort-users] Snort rules if it's an emergency .. I need the rule that triggers an alert automatically when more than two or three ssh login attempts have been made Envoyé depuis mon smartphone Samsung Galaxy.
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users To unsubscribe, send an email to: snort-users-leave () lists snort org Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Current thread:
- Snort rules Jean Michel Tangué via Snort-sigs (Jul 22)
- Re: Snort rules Y M via Snort-sigs (Jul 22)
- <Possible follow-ups>
- Snort rules Jean Michel Tangué via Snort-sigs (Jul 22)
- Re: Snort rules Y M via Snort-sigs (Jul 22)
- Snort rules jeanmicheltangue via Snort-users (Jul 23)
- Re: Snort rules Y M via Snort-users (Jul 24)
- Snort rules jeanmicheltangue via Snort-users (Jul 23)
- Re: Snort rules Y M via Snort-users (Jul 24)
- snort rules Jean Michel Tangué via Snort-sigs (Jul 23)
- Re: snort rules Joel Esler (jesler) via Snort-sigs (Jul 23)
- Re: snort rules wkitty42--- via Snort-sigs (Jul 23)
- Re: snort rules Joel Esler (jesler) via Snort-sigs (Jul 23)