Honeypots mailing list archives
Re: Honeywall with some problems
From: "Krzysztof Cabaj" <kcabaj () gmail com>
Date: Wed, 22 Feb 2006 17:30:33 +0100
Hello,
Third, i what to use this honeypot to catch spam. How can i set snort to extract me the mails that exit from honeypot? Is there another method to catch them, other than tcpdump logs?
You should load to Snort signature like this log tcp <<your honeypots'a network adress >> any <> any 25 (session:printable;) This rule dump all SMTP sessions to ascii files. Regards, Krzysztof (Christopher) Cabaj
Current thread:
- Honeywall with some problems George (Feb 22)
- Re: Honeywall with some problems Krzysztof Cabaj (Feb 22)