Snort mailing list archives
Re: How to detect OS with Snort?
From: Peter Bates <peter.bates () ucl ac uk>
Date: Tue, 8 May 2012 15:23:59 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello all On 08/05/2012 14:26, Borja Luaces wrote:
Good afternoon, First of all I have to say that I am new to Snort. I am trying to create an alert rule to detect the OS but everytime I try it it seems not to work.
Nick has mentioned nmap but depending on what you're trying to do you might have better luck with PRADS: http://gamelinux.github.com/prads/ ... or p0f, etc. - -- Peter Bates Senior Computer Security Officer Phone: +44(0)2076792049 Information Services Division Internal Ext: 32049 University College London London WC1E 6BT -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJPqSx/AAoJELhVoVpEMS6R/b4H/0/vC8YSxLB15Jtse0nWYhPo 2CAM83FaR529y9cojvVUJ1mGomsbflly2QDnPwIAu9+iTDOWw/oAD6m0U2+ev0Np Dr7LZKrbj6HhSNribxhJV3Y6ADv0urir7dDxulIBvIkSpAVKyB6lgxcvHILzQ2Ry UEuLLVPGjdnx6htYKVKITVXwjUtITSKsdXg+NUHGXTBHvQBddk4wmuVg50MsZ8y1 vCgY+fZkcWlkJ2MXskQRIY2YK1ng8m6xfp6U4aqez3v0bqMrOCRZUHPQCh77KH2e ciKYy2K94vMPVH2+Kd+0tz+7cBxpeDuZ0OAHi45mAgf9cn+DMsBYHI+/1XL1fG8= =Ddv4 -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- How to detect OS with Snort? Borja Luaces (May 08)
- Re: How to detect OS with Snort? Nick Moore (May 08)
- Re: How to detect OS with Snort? JJC (May 08)
- Re: How to detect OS with Snort? Peter Bates (May 08)
- Message not available
- Fwd: How to detect OS with Snort? Borja Luaces (May 08)
- Re: Fwd: How to detect OS with Snort? Joel Esler (May 08)
- Re: Fwd: How to detect OS with Snort? Jason Haar (May 08)
- Re: Fwd: How to detect OS with Snort? waldo kitty (May 08)
- Re: Fwd: How to detect OS with Snort? Borja Luaces (May 08)
- Re: Fwd: How to detect OS with Snort? Kevin Ross (May 09)
- Re: Fwd: How to detect OS with Snort? Borja Luaces (May 09)
- Re: Fwd: How to detect OS with Snort? Peter Bates (May 09)
- Re: Fwd: How to detect OS with Snort? Paul Schmehl (May 09)
- Re: Fwd: How to detect OS with Snort? Borja Luaces (May 09)
- Message not available
- Re: How to detect OS with Snort? Nick Moore (May 08)