Snort mailing list archives

Snort Virus Detector


From: "Jimmy Norton" <jnorton () nova edu>
Date: Mon, 29 Mar 2004 10:53:35 -0500

Hello, All-

My director has put me in charge of building a system that can help detect
machines on our network that are infected with various viruses.  I have
built a Snort box using Red Hat Fedora Core 1, MySQL, PHP, and ACID.  The
machine is snorting and posting alerts.  However, I am having trouble
writing rules that effectively detect the type of traffic these various
malicious agents create.  Does anyone have any experience writing rules for
this purpose?  I'd appreciate any help.

Thanks in advance.

Jimmy Norton
~~~~~
Network Security Specialist
Nova Southeastern University



