Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Trouble in triggering the snort rule to detect FTP Brute Force attack

From: Joel Esler <joel.esler () me com>
Date: Mon, 12 Apr 2010 10:13:19 -0400
On Apr 12, 2010, at 9:54 AM, "evilghost () packetmail net" <evilghost () packetmail net> wrote:




This looks suspiciously like a question from a student on a course
that includes Snort in it. i.e. A contrived situation.

The answers you seek are in the snort manual, the README files and the
many other sources of information on the Internet.

Manjushree just try not to put too much faith in the manual since it 
seems like it was a task assigned to a student in a course that includes 
Snort and the student was ESL.




Evilghost, we get the same series of questions every year, and the professors of these classes appreciate it when we 
don't specifically provide the answer.

As for the manual, we are going to be taking a look at that in the upcoming timeframe and really trying to make it as 
best as we can, until then, please continue to provide the little things like colons and spaces in the wrong places. 
That helps. 

J 

------------------------------------------------------------------------------
Download Intel&#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
Previous By Date Next
Previous By Thread Next

Current thread: