Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Detecting SYN Floods

From: "Sheahan, Paul" <Paul.Sheahan () priceline com>
Date: Thu, 13 May 2004 11:41:43 -0400
 

I would like to do both of the following with Snort:

 

*       Detect a high number of SYNs from one source over a short period
of time
*       Detect a high number of requests for a web page over a short
period of time

 

Just curious if anyone has found a good way to do this with Snort.

 

Thanks
Previous By Date Next
Previous By Thread Next

Current thread: