Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack

From: wkitty42 () windstream net
Date: Mon, 29 Feb 2016 12:37:23 -0500
On 02/29/2016 08:08 AM, ARUN LAL wrote:

Currently we are facing BruteForce Attack from server IP's to our server and
our IP tables didn't block any IP. Could you please suggest in which rule i
need to add in the snort(Please mention config file).


there is no way to suggest anything without /any/ data to work with... have you 
read the FAQ? specifically the section about the mailing lists and how to get 
answers to your questions??

   https://www.snort.org/faq

-- 
  NOTE: No off-list assistance is given without prior approval.
        *Please keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: